Encryption KBs
Encryption KBs
Featured
NetApp Encryption Overview
NetApp offers both software and hardware based encryption technologies
NetApp offers both software and hardware based encryption technologies
FAQ: NVE and NAE
Frequently asked questions about NetApp Volume and NetApp Aggregate Encryption
Frequently asked questions about NetApp Volume and NetApp Aggregate Encryption
What is NetApp Storage Encryption
Full disk encryption that protects data at rest with no operational impact
Full disk encryption that protects data at rest with no operational impact
Other Resources
Highest rated
(rating)- How to determine if the running ONTAP version supports NetApp Volume Encryption (NVE)
- How to rotate encryption keys for NetApp Storage Encryption (NSE)
- kmip_discover: Key server not responding, still trying during ONTAP upgrade
- Failed to determine if key manager is safe to disable
- How to renew or recreate an ONTAP self-signed SSL certificate with the NetApp PowerShell Toolkit
- What are the software-based encryption capabilities in ONTAP?
- How does NVE and NAE encrypt data?
- How to determine FIPS 140-2 or 140-3 certification number for encrypting drives
- NVE: Encrypted volumes go offline after reboot in ONTAP 9.5 and earlier
- Digital Certificate Expiring\Expired in Active IQ Unified Manager
- How do I transition from the onboard key manager to an external key manager or conversely
- Can I instantaneously delete an NVE volume encryption key without deleting the volume?
- When Onboard Key Manager (OKM) Common Criteria Mode is enabled a cluster-wide passphrase is required at system startup
- Can I do a volume move while an active NVE volume encryption start is running?
- Can deleted files be non-disruptively purged from NVE volumes?
Recently updated
(date updated)- Restore onboard key management encryption keys
- How to migrate Keys from Thales SafeNet Key Manager to Thales CipherTrust Key Manager with same CA certificate
- What is the impact of an expired digital certificate used for a Vserver?
- External Key Manager in unknown state with SSL peer validation errors
- ONTAP Truststore certificate BaltimoreCyberTrustRoot expiring May 2025
- How to protect FIPS or SED drives from authentication lock out while troubleshooting KMIP reachability issues
- Which interface is external key manager communication using during boot?
- Unable to complete volume move to decrypt due to disconnected KMIP server
- Failed to generate cluster key encryption key in kernel
- ONTAP AutoSupport using HTTPS fails validation when the Certificate is removed
- Nodes will not boot, error: Unable to restore data access on encrypting disk
- How to capture the PSID from the printed label of an encrypting drive
- ONTAP AutoSupport messages fail using HTTPS: SSL certificate problem
- How to switch from NVE or NAE to NSE
- How to rotate encryption keys for NetApp Storage Encryption (NSE)
Recently added
(date created)- How to protect FIPS or SED drives from authentication lock out while troubleshooting KMIP reachability issues
- ONTAP Truststore certificate BaltimoreCyberTrustRoot expiring May 2025
- How to remove then reapply existing SED authentication keys
- Unable to add external key manager using the System Manager when OKM is configured
- What does the ONTAP option "encryption.create.unique.clone.key.disable" do
- Have two keys for each encrypted volume using EKM
- Disable CC-mode
- Key manager port changed and no longer responds to ONTAP
- OKM sync fails after motherboard replacement due to wrong backup data option 10
- crypto.import.failed events observed during boot of cluster
- How do I confirm cluster scope encryption is enabled by default?
- Sporadic connection lost to external key manager
- Cannot assign authentication keys to disks after migration from OKM to EKM
- Encryption Conversion Start Failed to Get Encryption Type
- Unable to complete volume move to decrypt due to disconnected KMIP server