ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security key-manager onboard update-passphrase

    Update the Onboard Key Manager Passphrase

    Availability: This command is available to cluster administrators at the advanced privilege level.

    Description

    This command provides a way to update the cluster-wide passphrase that is used for the Onboard Key Manager and initially created by running the security key-manager onboard enable command. This command prompts for the existing passphrase, and if that passphrase is correct then the command prompts for a new passphrase. When the Onboard Key Manager is enabled for the admin Vserver, run the security key-manager onboard show-backup command after updating the passphrase and save the output for emergency recovery scenarios. When the security key-manager onboard update-passphrase command is executed in a MetroCluster configuration, then run the security key-manager onboard sync command with the new passphrase on the partner site before proceeding with any key-manager operations. This allows the updated passphrase to be replicated to the partner site.

    Examples

    The following example updates the cluster-wide passphrase used for the Onboard Key Manager:

    cluster-1::*> security key-manager onboard update-passphrase
    
    Warning: This command will reconfigure the cluster passphrase for onboard
             key management.
    Do you want to continue? {y|n}: y
    
    Enter current passphrase:
    
    Enter new passphrase:
    
    Reenter the new passphrase:
    Update passphrase has completed. Save the new encrypted configuration data in
    a safe location so that you can use it if you need to perform a manual recovery
    operation. To view the data, use the "security key-manager onboard show-backup"
    command.
    Top of Page