What happens to information stored in OKM in case of disaster
Applies to
- ONTAP 9
Answer
Key information is held by the Replicated Database (RDB). When a node in the cluster goes down and loses one or more key IDs, the cluster-wide passphrase is used to restore them by syncing with the RDB. In case of a disaster and loss of keys across the entire cluster, onboard key-management information is restored using the backup data obtained when you run the security key-manager backup show command.
You should copy onboard key management (OKM) information to a secure location outside the storage system whenever you configure the Onboard Key Manager passphrase. This is explained in Managing NetApp encryption.
Additional Information
In case OKM needs to be restored, please contact NetApp Technical Support and reference this article for further assistance.