--- title: "Backup and Restore - Non-SGX" slug: "fortanix-dsm-backup-and-restore-non-sgx" updated: 2026-04-01T07:31:46Z published: 2025-07-21T08:23:38Z --- > ## Documentation Index > Fetch the complete documentation index at: https://support.fortanix.com/llms.txt > Use this file to discover all available pages before exploring further. # Backup and Restore - Non-SGX ## 1.0 Introduction The backup and restore process remains the same as other Fortanix DSM hardware-based deployments. But when deployed on VMWare, AWS, Azure and on VMs without SGX capability, a deployment key is created in software. This deployment-key is not backed-up to the backup location along with the backup data due to security reasons. > [!NOTE] > NOTE > > - Deployment-key is required to restore the backup in case the cluster is being reset or re-created. Hence the deployment key must be backed-up in a safe location. Backup cannot be restored (will be rendered unusable) without this deployment key during the restoration process. > - Ensure the DR node is running the same software version as the cluster it is joining. ## 2.0 Configuring Backup on a Non-SGX This section describes the steps to configure backup on non-SGX cluster before creating a Fortanix-Data-Security-Manager cluster on the DR node. Perform the following steps: 1. Log in to the production or source cluster. 2. Run the following command to locate the deployment key: ```bash $ kubectl get secrets sdkms-deployment-key-store ``` 3. Run the following command to get the backup of `sdkms-deployment-key-store` secret: ```bash sudo kubectl get secrets sdkms-deployment-key-store -o yaml > sdkms-deployment-key-store.yaml ``` 4. Save the `sdkms-deployment-key-store.yaml` file in a secure location. > [!NOTE] > NOTE > > Ensure to save it in different folder other than backup folder. 5. Run the following command to copy the `sdkms-deployment-key-store.yaml` secret to the DR node or target node where the restore operation is to be performed: ```bash scp sdkms-deployment-key-store.yaml   username@ipaddress: home ``` 6. Restore the sdkms-deployment-key after the cluster reset. When a new cluster is created, a new random sdkms-deployment-key gets auto-created. But as we are restoring the cluster from the backup, we need to delete the sdkms-deployment-key and restore the saved sdkms-deployment-key. *For steps to back up the audit log, refer to*[*Fortanix DSM Backup for Audit Log*](/v1/docs/fortanix-dsm-backup-for-audit-log)*.* ## 3.0 Recovering the Data *For a step-by-step procedure on data recovery, refer to*[*Fortanix DSM Restoration Guide - Automated*](/v1/docs/fortanix-dsm-restoration-guide-automated)*.* Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface. Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.