[DOCS-16047] [SERVER] KMIP client interoperability Created: 17/Apr/23  Updated: 13/Nov/23  Resolved: 09/May/23

Status: Closed
Project: Documentation
Component/s: manual, Server
Affects Version/s: None
Fix Version/s: 7.0.0-rc0, 6.0.6, 7.1.0-rc0, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113

Type: Task Priority: Major - P3
Reporter: Backlog - Core Eng Program Management Team Assignee: Dave Cuthbert (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
backported by DOCS-16053 [BACKPORT] [v7.0] Fix KMIP client int... Backlog
backported by DOCS-16054 [BACKPORT] [v6.0] Fix KMIP client int... Backlog
Documented
documents SERVER-74554 Fix KMIP client interoperability with... Closed
Related
Participants:
Days since reply: 42 weeks, 2 days ago

 Description   

ORIGINAL TITLE: Investigate changes in SERVER-74554: Fix KMIP client interoperability with legacy KMIP Servers

Original Downstream Change Summary

Added a new optional config option, security.kmip.useLegacyProtocol (short name is kmipUseLegacyProtocol) which, if enabled, will force the server to use the KMIP 1.0 protocol rather than the default KMIP 1.2 protocol to speak to KMIP servers for ESE and auditing. This option should be documented.

Description of Linked Ticket

The KMIP client built into the MongoDB server was upgraded to send protocol version 1.2 to KMIP servers in the request message headers. However, some KMIP servers only speak 1.1 or 1.0 and reject messages with a higher protocol version.

We should make sure that the mongod server can communicate with KMIP Servers that only speak 1.1 and 1.0 to maintain backwards compatibility.

As part of this ticket, we should also investigate improving logging for our KMIP interoperability errors.


Generated at Thu Feb 08 08:14:27 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.