User's Manual
138 Controllers
4
If you want to save the Encryption Key credentials in a file on the system
where Distributed Web Server is running, select the
Escrow
check box.
You can use this file for future reference.
The
Path
field is displayed. Enter the path where you want to save the file.
The path should contain a file name with an .
xml
extension. The saved file
contains this information: SAS address, Encryption Key Identifier,
Passphrase, and modified date.
CAUTION: It is important to understand that if you lose the Passphrase, you
cannot recover it. If you move the physical disks associated with the lost
Passphrase to another controller or if the controller fails or is replaced, you
cannot access data from that disk.
NOTE: If Encryption Key Identifier or Passphrase contains special characters
such as &, ", <, and >, in the file, they are written as &, ", < and
> respectively.
NOTE: If the system crashes while saving the file, the backup file is saved in
the specified location.
5
Select the check-box indicating that you understand the implications of
using a Passphrase and click
Apply Changes
.
In the controller Information/Configuration sub-tab, the Encryption Key
Present is set to Yes and the Encryption mode is set to LKM.
Changing or Deleting the Encryption Key
You can change an Encryption Key of a controller if the controller already has
a configured Encryption Key. You can delete an Encryption Key for encrypted
controllers only if there are no encrypted virtual disks.
To change the Encryption Key, enter the New Encryption Key Identifier and
Passphrase. You are prompted to authenticate with the current Passphrase.
Ensure you read the note on the importance of Passphrase and consequences
of not saving the same, before applying the changes.
When you change the Encryption Key, the existing configuration on this
controller is updated to use the new Encryption Key. If you have removed any
of the encrypted drives previously, you must authenticate with the old
Passphrase to import the encrypted drives.
When changing the Encryption Key, you can also save or update the new
Encryption Key credentials to a file in the system where Distributed Web
Service is running. Select the Escrow check box. If you have already saved the