Skip to main content

Enable external security key management

The enable storageArray externalKeyManagement file command enables external security key management for a storage array that has Full Disk Encryption drives, and creates the initial drive security key.

Supported Arrays

This command applies to an individual DE2000H, DE4000H, DE4000F, DE6000H, or DE6000F storage array.

Roles

To execute this command on an storage array, you must have the Security Admin role.

Context

Note
This command applies only to external key management.

Syntax

enable storageArray externalKeyManagement 
file="<var id="GUID-25C683FC-7FFF-4F50-B661-8CA0F2D1FFA6__V1195981" className="keyword varname">fileName</var>" 
passPhrase="<var id="GUID-25C683FC-7FFF-4F50-B661-8CA0F2D1FFA6__V1195982" className="keyword varname">passPhraseString</var>"

Parameters

ParameterDescription
file

The file path and the file name where the new security key will be stored. Enclose the file path and the file name in double quotation marks (" "). For example:


    file="C:\Program Files\CLI\sup\drivesecurity.slk"

Important
The file name must have an extension of .slk .
passPhrase A character string that encrypts the security key so that you can store the security key in an external file. Enclose the pass phrase character string in double quotation marks (" ").

Notes

Your pass phrase must meet these criteria:

  • Must be between eight and 32 characters long.

  • Must contain at least one uppercase letter.

  • Must contain at least one lowercase letter.

  • Must contain at least one number.

  • Must contain at least one non-alphanumeric character, for example, < > @ +.

Note
If your pass phrase does not meet these criteria, you will receive an error message.