ONTAP 9 Manuals ( CA08871-402 )

Remove an external key manager connection

You can disconnect a KMIP server from a node when you no longer need the server. For example, you might disconnect a KMIP server when you are transitioning to volume encryption.

About this task

When you disconnect a KMIP server from one node in an HA pair, the system automatically disconnects the server from all cluster nodes.

If you plan to continue using external key management after disconnecting a KMIP server, make sure another KMIP server is available to serve authentication keys.
Before you begin

You must be a cluster or SVM administrator to perform this task.

Step
  1. Disconnect a KMIP server from the current node:

    For this ONTAP version…​

    Use this command…​

    ONTAP 9.7 and later

    security key-manager external remove-servers -vserver SVM -key-servers host_name|IP_address:port,…​

    In a MetroCluster environment, you must repeat these commands on both clusters for the admin SVM.

    For complete command syntax, see the man pages.

Top of Page