Skip to main content
NetApp Knowledge Base

NSE How to unconfigure the external key management before upgrading to Data ONTAP 9.3 or later

Views:
1,465
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • NetApp Storage Encryption (NSE)
  • Key Management Interoperability Protocol (KMIP)
  • ONTAP 9.2 and earlier Upgrading to ONTAP 9.3 or later

Description

This article describes the procedure to upgrade a NSE system using an external key management (KMIP) server to ONTAP 9.3 or later.

  • A new KMIP client has been released in the ONTAP 9.3 code (KMIP2).
  • Keys that were created/stored using a KMIP1 client in pre-ONTAP 9.3 releases cannot be retrieved using the new KMIP2 client.
  • For more information, see the ONTAP 9.3 Release Notes.

Page 25:
Important: If you are upgrading to ONTAP 9.3 from a previous version, you must delete any existing KMIP server connections using the security key-manager delete-kmip-config command before upgrading, then reconfigure the KMIP server connections using the security key-manager setup command after the upgrade is completed.”

  • The following error message may be seen when upgrading a NSE system with external KMIP to ONTAP 9.3:

Error: External key management is configured on the cluster.
       Please unconfigure the external key management before
       upgrading to Data ONTAP 9.3.
       To unconfigure, run the command:
       "security key-manager delete-kmip-config"
ERROR: external keymanager check failed.
Install Failed.

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.