Troubleshooting: Please define a master key server by invoking encrypt_key
server_update and retry.
v INVALID_RECOVERY_KEY_STATE
Recovery key state is inconsistent with the option provided.
Troubleshooting: Check the recovery key state using encrypt_recovery_key_list.
v RECOVERY_KEY_ALREADY_VERIFIED
The recovery key has already been verified.
Troubleshooting: Check the recovery key state using encrypt_recovery_key_list
Rekey the Security Admins
Restarts the recovery key generation process as described in
encrypt_recovery_key_generate
encrypt_recovery_key_rekey [ users=Users ] [ min_req=MinRequired ]
Parameters:
Name Type Description Mandatory Default
min_req Integer Minimum number
of required
Security Admins
recovery key
shares
N0
users Object name Comma delimited
list of Security
Admins to rekey
N N/A
This command restarts the recovery key generation process as described in
encrypt_recovery_key_generate. The only difference is that the parameters (users
and min_required) are optional, and will default to the values specified in the last
call to encrypt_recovery_key_generate. Note that none of the new recovery keys
will take effect until the last user has verified his or her's recovery key. Until then,
if recovery is required, the previous keys will be valid.
Example:
xcli -u -c XIV1 encrypt_recovery_key_rekey users=secadmin1,secadmin2,secadmin3,secadmin4
min_req=3
Output:
Command completed successfully.
Access Control:
User Category Permission
Storage administrator Disallowed
Storage integration administrator Disallowed
Application administrator Disallowed
Security administrator Allowed
Read-only users Disallowed
Chapter 23. Encryption enablement and support commands
501
To Next Page
Loading...
Need help?
General
