File Share Encryption

  • 1.  Ignition Key - Old and New

    Posted Oct 08, 2014 12:59 PM

    We have a PGP server cluster with 3.2.x; we also have Web Messenger and mail for a few users. We unknowingly deleted the Ignition Key. A little later we came to know it is required, and now want to create a new one, as we don't have the soft Ignition Key.

    Could someone advise on how to get back the old Ignition Key?

    Suppose we create a new IK, then what is the effect on the server, users and the data on the server?

    If we go for a new one, how do we set that new IK so that it is used by our PGP server?

    If we upgrade to the new version, will this issue resolve by itself (deletion of old ID)? So we can create a new key?

    Create a new IK and restart the server, this will take care of the user keys, data on the server linked as the old key.

    Thank you in advance

    Reddy



  • 2.  RE: Ignition Key - Old and New

    Posted Oct 13, 2014 07:00 AM

    When you remove the ignition key, it will begin to decrypt the database, because that is one of the main things the ignition key protects.  You can add a new one after the decryption is finished, and it will, again, begin to encrypt the database.

    Things that are protected by the ignition key:

    • Symantec Encryption Web Email Protection passphrases. (If you do not have an Ignition Key, Symantec Encryption Web Email Protection passphrases are stored in the clear.)
    • Symantec Encryption Web Email Protection messages, if you choose it. Enable this option on the Services > Web Messenger page.
    • Internal and external user private (SKM) keys.
    • Whole Disk Recovery Tokens.
    • Organization key, public and private.
    • Cluster shared secrets.