Skip to main content
NetApp Knowledge Base

How do I unencrypt an NAE volume?

Views:
2,143
Visibility:
Public
Votes:
3
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9
  • NetApp Volume Encryption (NVE)
  • NetApp Aggregate Encryption (NAE)

Answer

Use one of the following methods:

1. Use another aggregate:

a. Move the volumes to another non-NAE aggregate and convert them to plain text volumes:

::> volume move start -vserver <vserver_name> -volume <volume_name> -destination-aggregate <aggr_name> -encrypt-destination false -encrypt-with-aggr-key false

2. Use the same aggregate:

a. Assuming you have space in the existing NAE aggregate, move the volumes to convert them from NAE to NVE (which NAE aggregates do allow) in the same aggregate:

::> volume move start -vserver <vserver_name> -volume <volume_name> -destination-aggregate <aggr_name> -encrypt-destination true -encrypt-with-aggr-key false

b. After all the volumes are NVE, and no NAE encrypted volumes exist, disable NAE on the aggregate:::> aggregate modify -aggregate <aggr_name> -node <node_name> -encrypt-with-aggr-key false

Note: Make sure that no aggregate snapshot copies exist, or the command will fail.

c. Move the NVE volumes to unencrypt them and convert them to plain text:

::> volume move start -vserver <vserver_name> -volume <volume_name> -destination-aggregate <aggr_name> -encrypt-destination false

Note: If the step b was missed, the volume move will fail with the error:

Error: command failed: The destination aggregate "aggr_name" is an NAE (NetApp Aggregate Encryption) aggregate. Non-encrypted volumes are not supported in such aggregates.

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.