-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Labels:None
ORIGINAL TITLE: Investigate changes in SERVER-74554: Fix KMIP client interoperability with legacy KMIP Servers
Added a new optional config option, security.kmip.useLegacyProtocol (short name is kmipUseLegacyProtocol) which, if enabled, will force the server to use the KMIP 1.0 protocol rather than the default KMIP 1.2 protocol to speak to KMIP servers for ESE and auditing. This option should be documented.
Description of Linked Ticket
The KMIP client built into the MongoDB server was upgraded to send protocol version 1.2 to KMIP servers in the request message headers. However, some KMIP servers only speak 1.1 or 1.0 and reject messages with a higher protocol version.
We should make sure that the mongod server can communicate with KMIP Servers that only speak 1.1 and 1.0 to maintain backwards compatibility.
As part of this ticket, we should also investigate improving logging for our KMIP interoperability errors.
- backported by
-
DOCS-16053 [BACKPORT] [v7.0] Fix KMIP client interoperability with legacy KMIP Servers
- Closed
-
DOCS-16054 [BACKPORT] [v6.0] Fix KMIP client interoperability with legacy KMIP Servers
- Closed
- documents
-
SERVER-74554 Fix KMIP client interoperability with legacy KMIP Servers
- Closed