Refreshing keys

Use the zkey kms refresh command to refresh secure keys that are bound to EKMF Web.

About this task

Refreshing a key updates the secure key by reimporting it from EKMF Web.

You can filter the list of keys to be refreshed by:

Key name, option -N or --name
Key type, option -K or --key-type
Associated volumes, option -l or --volumes
Volume type, option -l or --volume-type

These options are the same as for other zkey kms commands. For details about the filter options, see zkey kms - Managing secure keys with a KMS plug-in, Pervasive Encryption for Data Volumes, SC34-2782, or the zkey man page.

Procedure

To refresh a key, issue a command of the form:
```
# zkey kms refresh -N <name>
```
You can use wildcards to refresh several keys.
For example, to refresh all keys whose names start with "sec", issue:
```
zkey kms refresh −N "sec*"
```
To refresh key properties, use the -P option
Refreshing updates the information on the zkey repository with the information from EKMF Web including the description, associated volumes, volume type, and sector size.
Refreshing the properties is useful when key properties have changed through the EKMF Web UI, or by zkey on another system (for shared keys).