ONTAP Discussions

Configuring OT for External KMS - weird requirements

JFM
2,050 Views

Hi,

Reading the external key management configuration, in the encryption power guide:

"You can use one or more KMIP servers to secure the keys the cluster uses to access encrypted data. Beginning with ONTAP 9.6, you can use one or more KMIP servers to secure the keys a given SVM uses to access encrypted data.

(...)

  • You must configure the MetroCluster environment before the key manager is configured."

Do this mean: in case you are using an MC configuration, configure it before enabling KMIP" or does this mean an MC config is required to use KMIP servers. 

 

Thanks for the clarification. 

https://docs.netapp.com/us-en/ontap/encryption-at-rest/enable-external-key-management-96-later-nve-task.html

Presales SE at ESI Technologies
1 ACCEPTED SOLUTION

SpindleNinja
2,031 Views

You can tell them,  either by clicking "request doc changes" on the right side.  or the email link at the bottom.  "Have feedback for our website? Let us know "  It'll create an email and populate the subject line. 

View solution in original post

3 REPLIES 3

SpindleNinja
2,041 Views

i believe the former.  You need both sides of an MCC up before you configure it.  

For a non-MCC cluster you just set it up after the cluster is up. 

 

JFM
2,034 Views

Thanks, makes sense... the wording should be adjusted IMHO in the doc. 

Presales SE at ESI Technologies

SpindleNinja
2,032 Views

You can tell them,  either by clicking "request doc changes" on the right side.  or the email link at the bottom.  "Have feedback for our website? Let us know "  It'll create an email and populate the subject line. 

Public