-
Type: Task
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: manual
-
Labels:
- Add support for authenticated GCM encryption mode in addition to CBC mode for Encrypted Storage Engine
- Key rotation is only supported for KMIP master keys and is performed by using the following command line flag: --kmipRotateMasterKey
If no --kmipKeyIdentifier is provided, the server will either request a new key from the KMIP server or try to request the key id specified.
- documents
-
SERVER-19845 Support Master Key Rotation
- Closed
-
SERVER-19399 Add GCM support in the OpenSSL crypto wrapper
- Closed