Modifying external key management server properties

Starting with ONTAP 9.6, you can use the security key-manager external modify-server command to change the I/O timeout and username of an external key management server.

1. On the storage system, change to advanced privilege level: set -privilege advanced
2. Modify external key manager server properties for the cluster: security key-manager external modify-server -vserver admin_SVM -key-server host_name|IP_address:port,... -timeout 1...60 -username user_name
   Note

   The timeout value is expressed in seconds. If you modify the user name, you are prompted to enter a new password.

   If you run the command at the cluster login prompt, admin_SVM defaults to the admin SVM of the current cluster. You must be the cluster administrator to modify external key manager server properties.

   Example

   The following command changes the timeout value to 45 seconds for the cluster1 external key management server listening on the default port 5696:

   clusterl::> security key-manager external modify-server -vserver cluster1 -key-server ks1.local -timeout 45
   
3. Modify external key manager server properties for an SVM (LVE only): security key-manager external modify-server -vserver SVM -key-server host_name|IP_address:port,... -timeout 1...60 -username user_name
   Note

   The timeout value is expressed in seconds. If you modify the user name, you are prompted to enter a new password.

   If you run the command at the SVM login prompt, SVM defaults to the current SVM. You must be the cluster or SVM administrator to modify external key manager server properties.

   Example

   The following command changes the username and password of the svm1 external key management server listening on the default port 5696:

   svml::> security key-manager external modify-server -vserver svm11 -key-server ks1.local -username svm1user
   Enter the password: 
   Reenter the password:
   
   
4. Repeat the last step for any additional SVMs.