If you want to encrypt encrypted data with another encryption key, the data must be moved. You must create a new encrypted parity group and then move the data to that parity group using
ShadowImage,
TrueCopy, or
Volume Migration. You can move data for each LDEV.
Note: After migrating data, if you disable encryption on the source parity group, the encryption keys assigned to the drives in the parity group are deleted, and new encryption keys are assigned. In addition, if a drive is replaced, the data encryption keys allocated to that drive are deleted, and new data encryption keys are allocated when the new drive is added.
- Create a new parity group.
- Enable encryption with a new data encryption key. See Enabling encryption.
- Format the LDEVs in the encrypted parity group. For instructions, see the Provisioning Guide.
- Migrate the source data to the new target LDEVs in the encrypted parity group.