Navigation
This version of the documentation is archived and no longer supported. To learn how to upgrade your version of MongoDB Ops Manager, refer to the upgrade documentation.
You were redirected from a different version of the documentation. Click here to go back.
This version of the manual is no longer supported.
Rotate Keyfile
If your cluster uses keyfile authentication,
it is recommended that you rotate the keyfile periodically. Ops Manager
provides an automated procedure for keyfile rotation with no downtime.
Prerequisites
To perform a rolling keyfile rotation:
- Authentication must be enabled.
- At least one cluster in the project must be configured with the
clusterAuthMode
option set to
keyFile
or sendKeyFile
.
- All clusters in the project must be running MongoDB version 4.2 or
higher.
Procedure
Navigate to Authentication & TLS Settings.
- Click Deployment.
- Click the Security tab.
- Click Authentication & TLS.
Click Rotate Keyfile.
The Rotate Keyfile button is in the Auth Mechanisms
section.
Review your changes.
- Click Review & Deploy.
- The modal window contains a summary of the keyfile rotation
procedure. If it all looks correct, click
Confirm & Deploy.