An Encryption Management Server Ignition Key protects certain data by encrypting it.
The following data items are encrypted with the ignition key:
- Organization Key.
- Keys of internal and external users if they are SKM (Server Key Mode) keys.
- Whole Disk Recovery Tokens (WDRTs).
- Web Email Protection messages - this is optional.
This protects the data in the event that an unauthorized person obtained control of the database.
After the administrator successfully logs into Encryption Management Server they are prompted for the ignition key passphrase. They are only prompted for the ignition key passphrase after each reboot of the server.
If a server is rebooted but the administrator does not login, the server will still replicate data with other cluster members if it is part of a cluster.