Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

HPE Ezmeral Data Fabric

Verifying Your Integration

search

Verifying Your Integration

Perform the following steps to ensure the integration is successful:

  1. Use the mrhsm rekey command on a CLDB node to rekey the common or core KEK, and use the core KEK to re-encrypt the CLDB and DARE keys. Run the following command with the appropriate parameters:

    mrhsm rekey
-keytype core|common  Specifies the key type, which is either core or common
-sopin <so-pin>       PIN for SO (Security Officer)

    Rekeying the Core KEK also involves decrypting the CLDB and DARE keys using the existing Core KEK before generating a new Core KEK, and then re-encrypting the CLDB and DARE keys using the new Core KEK. This command only updates the KMIP configuration on the CLDB node on which this command was invoked.

After the successful re-keying operation, a new key is generated on the CipherTrust Manager with its version upgraded by one.

On this page