Advertisement
b. Verify the
Restored
key-query
c. Verify that the
information.
d. Go to advanced privilege mode and enter
e. Enter the command to display the key management backup information:
manager onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You'll need it in
disaster scenarios where you might need to manually recover OKM.
g. Return to admin mode:
h. You can safely shut down the controller.
Verify NSE configuration
1. Display the key IDs of the authentication keys that are stored on the key management servers:
key-manager key-query -key-type NSE-AK
After the ONTAP 9.6 release, you may have additional key manager types. The types are KMIP,
AKV, and GCP. The process for confirming these types is the same as confirming
key manager types.
onboard
• If the
Key Manager
down the impaired controller.
• If the
Key Manager
complete some additional steps.
• If the
Key Manager
yes, you need to complete some additional steps.
• If the
Key Manager
yes, you need to complete some additional steps.
1. If the
Key Manager
up the OKM information:
a. Go to advanced privilege mode and enter
b. Enter the command to display the key management information:
onboard show-backup
c. Copy the contents of the backup information to a separate file or your log file. You'll need it in
disaster scenarios where you might need to manually recover OKM.
d. Return to admin mode:
e. You can safely shut down the controller.
2. If the
Key Manager
yes:
Enter the customer's onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact NetApp Support.
column shows
type shows onboard, and then manually back up the OKM
Key Manager
set -priv admin
type displays
external
type displays
onboard
type displays
external
type displays
external
type displays
onboard
set -priv admin
type displays
external
for all authentication keys:
yes
when prompted to continue:
y
and the
column displays yes, it's safe to shut
Restored
and the
column displays yes, you need to
Restored
and the
column displays anything other than
Restored
and the
column displays anything other than
Restored
and the
Restored
y
when prompted to continue:
and the
Restored
mysupport.netapp.com
security key-manager
set -priv advanced
security key-
external
column displays yes, manually back
set -priv advanced
security key-manager
column displays anything other than
security
or
7
Advertisement
Need help?
Do you have a question about the AFF A200 and is the answer not in the manual?