Creating an Encrypted Pool (BUI)
For more detailed information about creating a pool, see Creating a Storage Pool (BUI).
Pool keystore and key name values can be changed at any point after the pool has been created. However, you cannot add encryption information to a pool that was already created as unencrypted.
Any dataset that is created in an encrypted pool will also be encrypted. You cannot create unencrypted projects or shares on an encrypted pool.
Before You Begin
To create an encrypted storage pool, upgrade to software release OS8.8.0 or later and accept all deferred updates, including "Enable Pool Encryption." See Enable Pool Encryption Deferred Update in Oracle ZFS Storage Appliance Customer Service Manual, Release OS8.8.x.
The encryption key must be created before you can create an encrypted pool. See Data Encryption.
- Because the keystore must be configured before the pool is created, you cannot create an encrypted pool at initial system configuration or after factory reset.
- Before setting up replication for a share or project in a encrypted pool, ensure that the encryption key used at the source is also available at the target.
Related Topics