1. Owner's Guide
  2. Recovery Appliance Command Line Interface Reference
  3. RACLI Overview
  4. racli add keystore

racli add keystore

Adds a keystore to the Recovery Appliance.

Syntax

racli add keystore --type=[HSM|SW] [--restart_db]

Options

--type

Specifies the type of keystore to be created. If not specified, default is HSM.

--restart_db

Restarts the database stack after changes to the keystore to ensure they are honored at service restart.

Details

Adds a keystore to the Recovery Appliance. The keystore contains one or more TDE master keys for each Recovery Appliance client database, plus the Recovery Appliance's TDE master key. The per-client TDE master keys are used to encrypt backup pieces that are copied to the cloud.

ATTENTION: The Recovery Appliance database is restarted to activate the keystore; plan for a short outage.

Examples

This example adds a keystore of type HSM to the Recovery Appliance.

racli add keystore --type=hsm