How to backup Onboard Key Manager (OKM)
Applies to
- Onboard Key Manager (OKM)
- ONTAP 9.0 and later
Description
- Onboard Key Manager (OKM) has a backup feature that will allow for recovery in disaster scenarios.
- It is required that every OKM instance have the current back up key management information stored offsite in a secure location along with passphrase.
- In the event of a head swap, cfcard replacement or cfcard corruption, manual recovery of the keys has to be performed.
Note: All nodes within the same cluster can use the other node's backup hex dump output in the event a recovery is needed.