1. Installation and Administration Guide
  2. Sites, KMAs, Agents, and Data Units
  3. Manage KMAs
  4. Change a KMA Passphrase (Log the KMA Out of the Cluster)

Change a KMA Passphrase (Log the KMA Out of the Cluster)

Changing the passphrase for a KMA effectively logs it out of the cluster. This means that it cannot propagate information to peer KMAs in the cluster.

Available to: Security Officer (requires a quorum)
  1. Connect to another KMA in the cluster (not the KMA you want to change the passphrase on).
  2. From the System Management menu, select KMA List. Double-click the KMA entry (or highlight a KMA entry and click Details...).
  3. Click the Passphrase tab and modify the passphrase. Confirm the passphrase (retype the same passphrase). The phrase must meet the requirements listed in Passphrase Requirements.
  4. Click Save.
  5. Within the Key Split Quorum Authentication dialog, the quorum must type their usernames and passphrases to authenticate the operation (see Quorum Authentication).
  6. The KMA is not able to communicate with the cluster until it is logged back in . If the KMA has been logged out of the cluster for at least a few hours, then lock the KMA before logging the KMA back into the cluster. After recent updates have been propagated to this KMA, as shown by the Replication Lag Size in the KMA List panel, unlock the KMA (see Lock/Unlock the KMA).
  7. To log this KMA back into the cluster, see Log KMA Back into Cluster.