Skip to main content
NetApp Knowledge Base

How to configure the Onboard Key Manager (OKM) for password protected boot

Last Updated:

Applies to

  • Onboard Key Manager (OKM)
  • NetApp Volume Encryption (NVE)
  • ONTAP 9


This article describes the procedure to configure the Onboard Key Manager (OKM) for password protected boot.

  • ONTAP versions 9.4 and later have the capability to require the Onboard Key Manager (OKM) passphrase during the system boot process.
  • The OKM protected boot feature protects the ONTAP system from attackers who might gain physical access to the system.
  • The OKM passphrase is required during a system boot when the OKM protected boot feature is enabled.
  • This feature is particularly useful when physically transporting the ONTAP system from one location to another.
  • If desired, the feature can be enabled for transport, and then disabled once transport is complete.


Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.
Scan to view the article on your device