Data Encryption Workflow
Data Encryption Workflow
The following steps show the general procedure for configuring and using data encryption. For
information about encryption properties, see “Encryption Properties” on page 581.
1.
Configure LOCAL keystore or Oracle Key Manager (OKM) keystore encryption.
For information about creating LOCAL or OKM keystores, see the following topics:
■
“Configuring LOCAL Keystore Encryption (BUI)” on page 560 or “Configuring
LOCAL Keystore Encryption (CLI)” on page 563
■
“Configuring OKM Keystore Encryption (BUI)” on page 564 or “Configuring OKM
Keystore Encryption (CLI)” on page 565
2.
Create LOCAL or OKM encryption keys.
For information about creating LOCAL or OKM keys, see the following topics:
■
“Configuring LOCAL Keystore Encryption (BUI)” on page 560 or “Configuring
LOCAL Keystore Encryption (CLI)” on page 563
■
“Configuring OKM Keystore Encryption (BUI)” on page 564 or “Configuring OKM
Keystore Encryption (CLI)” on page 565
3.
(Optional) Create a project using one of the LOCAL or OKM encryption keys.
For information about creating a project, see “Creating a Project (BUI)” on page 344.
4.
Create a share in a project that uses an encryption key or create a share using
one of the LOCAL or OKM encryption keys.
For information about creating a share, see “Shares and Projects” on page 343 or “Creating an
Encrypted Project (CLI)” on page 567.
Related Topics
■
“Managing Encryption Keys” on page 582
■
“Performance Impact of Encryption” on page 584
■
“Encryption Key Life Cycle” on page 585
■
“Backing up and Restoring Encrypted Data” on page 585
Configuring LOCAL Keystore Encryption (BUI)
To configure encryption using the LOCAL keystore, first set up the master passphrase and then
create keys for assigning to encrypted shares. For information about encryption properties, see
“Encryption Properties” on page 581.
560 Oracle ZFS Storage Appliance Administration Guide, Release OS8.6.x • September 2016
To Next Page
Loading...
Need help?
General
