I'm assuming you're referring to Data-at-Rest Encryption. If you're using local key management on each DD array, you're effectively using a unique key on each DD2500. They don't have to share the same key, since the filesystem encryption is local/unique to each DD array already.
The security officer role is distinct from the admin role. If you follow the section in the documentation in regards to enabling encryption, you'll see you need to create a new user with the right role. You'll also need to login with this role to enable things.
You can export the keys from the CLI with "filesys encryption keys export". Let us know if that helps!
umichklewis
3 Apprentice
•
1.2K Posts
1
November 9th, 2015 08:00
I'm assuming you're referring to Data-at-Rest Encryption. If you're using local key management on each DD array, you're effectively using a unique key on each DD2500. They don't have to share the same key, since the filesystem encryption is local/unique to each DD array already.
The security officer role is distinct from the admin role. If you follow the section in the documentation in regards to enabling encryption, you'll see you need to create a new user with the right role. You'll also need to login with this role to enable things.
You can export the keys from the CLI with "filesys encryption keys export". Let us know if that helps!
Karl