Data Center Fabric Manager Enterprise User Manual v10.3.X (53-1001357-01, November 2009)
518 DCFM Enterprise User Manual
53-1001357-01
Alternate master key
16
Alternate master key
The alternate master key is used to decrypt data encryption keys that were not encrypted with the
active master key. Restore the alternate master key for the following reasons:
• To read an old tape that was created when the group used a different active master key.
• To read a tape (or disk) from a different encryption group that uses a different active master
key.
Master key actions
Master key actions are as follows:
• Backup master key, which is enabled any time a master key exists.
• Restore master key, which is enabled when no master key exists or the previous master key
has been backed up.
• Create new master key, which is enabled when no master key exists or the previous master key
has been backed up.
Reasons master keys can be disabled
Master key actions are disabled if unavailable. There are several ways a master key can be
disabled:
• The user does not have Storage Encryption Security permissions. See “Encryption user
privileges” on page 469 for more information.
• The group leader is not discovered or managed by the Management application.
Saving the master key to a file
Use the following procedure to save the master key to a file.
1. Select Configure > Encryption from the menu bar.
The Encryption Center dialog box displays.
2. Select an encryption group from the tree, and click Properties.
NOTE
Master keys belong to the group and are managed from the group properties.
3. Select the Security tab.