Data storage
Pure Storage FlashArray
Ongoing RDL operation
3min
This section provides guidance on ongoing RDL operations.
The following notes apply to KMIP:
- You can only delete a certificate when no KMIP server uses it. Use the KMIP server to determine if it is in use through . The purecert command does not include information on whether a certificate is in use.
- Currently, you cannot rename a KMIP server or a certificate used with a KMIP server.
If you need to block access to FlashArray data immediately, perform one of the following steps and then either power down the FlashArray or restart Purity:
- On the KMIP server (), revoke the TLS certificate used for communication with the FlashArray. You can recover later by redoing the certificate setup steps.
- On the KMIP server (), delete the secret key used for communication with the FlashArray. You cannot recover FlashArray data after this step. Use this process only to make the array data permanently inaccessible.
These steps do not block data availability until Purity is restarted or the array is powered off.
All data on the FlashArray might become inaccessible if any of the following events happen after RDL is enabled on the array.
- The KMIP server is removed or is not accessible.
- The certificate used with the KMIP server expires.
You see an alert, but data remains accessible until the next Purity restart or failover.
Updated 11 Dec 2024
Did this page help you?