Enable Encryption on existing Replica set

Hi All!

Can you please help to configure encryption on existing replica set (using local key). I tried enabling the required parameter but facing errors.

Configuration Parameters:

enableEncryption: true
encryptionKeyFile: /mongo/encryption/mykey

“{“t”:{”$date":“2023-06-08T12:04:29.895+05:00”},“s”:“E”, “c”:“STORAGE”, “id”:24248, “ctx”:“initandlisten”,“msg”:“Unable to retrieve key”,“attr”:{“keyId”:“.system”,“error”:{“code”:2,“codeName”:“BadValue”,“errmsg”:“There are existing data files, but no valid keystore could be located.”}}}"


Follow the tutorial below. You will have to enable encryption on each member one by one in a rolling fashion and perform initial syncs. After that all member will have encrypted at rest data.


Many thanks, the issue has been resolved and like you’ve mentioned all steps are taken care of. In fact, there was a permission issue on my local key file. Documents say to keep the permission 600 in root ownership, but it did not work out. Keeping permission to 400 under ownership of mongod, helped in the end.
Thanks for your valuable input.