Encryption KBs
Encryption KBs
Featured
NetApp Encryption Overview
NetApp offers both software and hardware based encryption technologies
NetApp offers both software and hardware based encryption technologies
FAQ: NVE and NAE
Frequently asked questions about NetApp Volume and NetApp Aggregate Encryption
Frequently asked questions about NetApp Volume and NetApp Aggregate Encryption
What is NetApp Storage Encryption
Full disk encryption that protects data at rest with no operational impact
Full disk encryption that protects data at rest with no operational impact
Other Resources
- Onboard keys not found after boot device replacementThu, 18 Sep 2025
- crypto.import.failed errors after re-initializing an ONTAP ClusterFri, 05 Sep 2025
- What is the config step in ONTAP when External Key Manager restore with same CAThu, 14 Aug 2025
- Volume creation fails in GCP as VEKs cannot be created for data SVMMon, 11 Aug 2025
- Newly created aggreagtes are not being encrypted after enabling OKMThu, 31 Jul 2025
- Does the server-CA certificate SwisscomRootCA1 need to be renewed manually?Thu, 31 Jul 2025
- Is it required to install SSL certificates for disk encryption?Tue, 29 Jul 2025
- Unable to modify EKM server-ca certificates due to errorMon, 21 Jul 2025
- External Key Manager reports SSL PEER VALIDATION errorFri, 20 Jun 2025
- Can SnapLock Enterprise mode snapshots be deleted before the retention period expiresFri, 13 Jun 2025
- SVM Migrate will not preserve SVM Root volume if NAE and NAE aggr is present on destThu, 22 May 2025
- Does NetApp support encryptionTue, 20 May 2025
- EMS message : mgmtgwd.certificate.expiring for client certificateThu, 15 May 2025
- Enable encryption (NVE) on Load Sharing (LS) Mirror volumesTue, 06 May 2025
- How to protect FIPS or SED drives from authentication lock out while troubleshooting KMIP reachability issuesThu, 24 Apr 2025
- How to determine what certificates are used by ONTAPWed, 23 Apr 2025
- ONTAP Truststore certificate BaltimoreCyberTrustRoot expiring May 2025Wed, 23 Apr 2025
- ARP snapshot are not working as per the retain interval set to 1Thu, 17 Apr 2025
- How to remove then reapply existing SED authentication keysMon, 07 Apr 2025
- Unable to add external key manager using the System Manager when OKM is configuredMon, 07 Apr 2025
- How to install a root-ca certificate for AD LDAPTue, 30 Sep 2025
- Data authentication key assignment in the data volume/aggregate/FIPS drive or SEDMon, 29 Sep 2025
- How to recover from a lost passphrase while using onboard encryption and NVE within ONTAPMon, 22 Sep 2025
- Onboard keys not found after boot device replacementThu, 18 Sep 2025
- OKM keys not restored after ONTAP cluster expansionMon, 15 Sep 2025
- Error "unable to get issuer certificate" depth 2Mon, 08 Sep 2025
- How to remove external key servers from ONTAPSat, 06 Sep 2025
- Object store creation fails with "Cannot verify the certificate given by the object store"Fri, 05 Sep 2025
- crypto.import.failed errors after re-initializing an ONTAP ClusterFri, 05 Sep 2025
- Unable to modify EKM server-ca certificates due to errorFri, 05 Sep 2025
- crypto.import.failed events observed during boot of clusterWed, 03 Sep 2025
- ONTAP Upgrade Advisor Plan: Validate encryption keys are in sync for all nodesFri, 29 Aug 2025
- How does ONTAP behave when the external key manager is not accessible?Tue, 26 Aug 2025
- What is the Certificate Truststore in ONTAP?Tue, 19 Aug 2025
- What is the config step in ONTAP when External Key Manager restore with same CAThu, 14 Aug 2025
- KMIP server not responding while node boots due to network connectivity issuesWed, 13 Aug 2025
- Volume creation fails in GCP as VEKs cannot be created for data SVMMon, 11 Aug 2025
- Creating log forward fails with TCP encrypted protocolMon, 11 Aug 2025
- Onboard keymanager sync fails after motherboard replacementFri, 01 Aug 2025
- NVE volumes offline after TPM chip motherboard replacement when using OKMFri, 01 Aug 2025
Highest rated
(rating)- Digital Certificate Expiring\Expired in Active IQ Unified Manager
- NVE: Encrypted volumes go offline after reboot in ONTAP 9.5 and earlier
- How do i know whether my data is encrypted at rest?
- How to rotate data authentication keys on a FIPS drive or SED
- What data is encrypted with NetApp Volume Encryption (NVE) and NetApp Aggregate Encryption (NAE)?
- Restore onboard key management encryption keys
- Can deleted files be non-disruptively purged from NVE volumes?
- How do I realize aggregate deduplication space savings after moving NVE volumes to NAE volumes?
- ONTAP Truststore certificate BaltimoreCyberTrustRoot expiring May 2025
- Nodes will not boot, error: Unable to restore data access on encrypting disk
- Can I instantaneously delete an NVE volume encryption key without deleting the volume?
- The new client certificate public or private keys are different from the existing client certificate
- ONTAP 9 giveback operation was vetoed by keymanager
- Error: Encryption is not enabled on the destination cluster
- When Onboard Key Manager (OKM) Common Criteria Mode is enabled a cluster-wide passphrase is required at system startup
Recently updated
(date updated)- How to install a root-ca certificate for AD LDAP
- Data authentication key assignment in the data volume/aggregate/FIPS drive or SED
- How to recover from a lost passphrase while using onboard encryption and NVE within ONTAP
- Onboard keys not found after boot device replacement
- OKM keys not restored after ONTAP cluster expansion
- Error "unable to get issuer certificate" depth 2
- How to remove external key servers from ONTAP
- Object store creation fails with "Cannot verify the certificate given by the object store"
- crypto.import.failed errors after re-initializing an ONTAP Cluster
- Unable to modify EKM server-ca certificates due to error
- crypto.import.failed events observed during boot of cluster
- ONTAP Upgrade Advisor Plan: Validate encryption keys are in sync for all nodes
- How does ONTAP behave when the external key manager is not accessible?
- What is the Certificate Truststore in ONTAP?
- What is the config step in ONTAP when External Key Manager restore with same CA
Recently added
(date created)- Onboard keys not found after boot device replacement
- crypto.import.failed errors after re-initializing an ONTAP Cluster
- What is the config step in ONTAP when External Key Manager restore with same CA
- Volume creation fails in GCP as VEKs cannot be created for data SVM
- Newly created aggreagtes are not being encrypted after enabling OKM
- Does the server-CA certificate SwisscomRootCA1 need to be renewed manually?
- Is it required to install SSL certificates for disk encryption?
- Unable to modify EKM server-ca certificates due to error
- External Key Manager reports SSL PEER VALIDATION error
- Can SnapLock Enterprise mode snapshots be deleted before the retention period expires
- SVM Migrate will not preserve SVM Root volume if NAE and NAE aggr is present on dest
- Does NetApp support encryption
- EMS message : mgmtgwd.certificate.expiring for client certificate
- Enable encryption (NVE) on Load Sharing (LS) Mirror volumes
- How to protect FIPS or SED drives from authentication lock out while troubleshooting KMIP reachability issues