• Security >
• Enable Authentication for an Ops Manager Project >
• Rotate Keyfile

Rotate Keyfile

If your cluster uses keyfile authentication, it is recommended that you rotate the keyfile periodically. Ops Manager provides an automated procedure for keyfile rotation with no downtime.

Prerequisites

To perform a rolling keyfile rotation:

• Authentication must be enabled.
• At least one cluster in the project must be configured with the clusterAuthMode option set to keyFile or sendKeyFile.
• All clusters in the project must be running MongoDB version 4.2 or higher.

Procedure

1

Navigate to Authentication & TLS Settings.

1. Click Deployment.
2. Click the Security tab.
3. Click Authentication & TLS.

2

Click Rotate Keyfile.

The Rotate Keyfile button is in the Auth Mechanisms section.

3

Review your changes.

1. Click Review & Deploy.
2. The modal window contains a summary of the keyfile rotation procedure. If it all looks correct, click Confirm & Deploy.

←   Clear Security Settings Manage Two-Factor Authentication for Ops Manager  →

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.