[SERVER-19428] ESE usability improvements Created: 15/Jul/15  Updated: 05/Feb/16  Resolved: 19/Jul/15

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 3.1.5
Fix Version/s: 3.1.6

Type: Improvement Priority: Major - P3
Reporter: Andreas Nilsson Assignee: Andreas Nilsson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to WT-2012 Better Encryption API Error Message Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 6 07/17/15
Participants:

 Description   
  • Give better startup message when starting with encryptionKeyFile option.
  • Accept providing a keyId that's already stored.
  • starting mongod with keyfile encryption, then restarting with either no encryption or kmip gives confusing error message:
    • no keyfile gives: Invariant failure t src/mongo/base/checked_cast.h 61
    • kmip gives: Aborting due to exception in WT_ENCRYPTOR::customize: Location4043 metadata encryption key uuid string cannot be empty (I'm omitting the full stack since this is straightforward to repro)
  • starting mongod with kmip, then restarting with keyFile. Currently gives errorr: "2015-07-15T18:13:10.305-0400 I STORAGE [initandlisten] Encryption key manager initialized using system key with id:"
  • [nit] Error message for bad keyFile: "Unable to retrieve key system BadValue Encryption key in key has length 12, must be either 16 or 32" should specify the unit; 16 or 32 characters
  • [nit] Error message when keyFile doesn't exist: "Unable to retrieve key system InvalidPath error getting file key: No such file or directory." Missing some punctuation around "InvalidPath".


 Comments   
Comment by Githook User [ 13/Oct/15 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-19428 Improve KMIP SSL error messages
Branch: artree
https://github.com/10gen/mongo-enterprise-modules/commit/971eb0c2d0a5f07d7892a9c82668106af50b70e9

Comment by Githook User [ 14/Sep/15 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-19428 Improve KMIP SSL error messages
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/971eb0c2d0a5f07d7892a9c82668106af50b70e9

Comment by Githook User [ 14/Sep/15 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-19428 Improve KMIP SSL error messages
Branch: master
https://github.com/mongodb/mongo/commit/ac36dcc9c92af5eb7a356779e74f767e4c23ade2

Comment by Githook User [ 17/Jul/15 ]

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: SERVER-19428 ESE error message improvement
Branch: master
https://github.com/mongodb/mongo/commit/0db35ed67ac5c22969cc674a43bf741f85cd9bdc

Generated at Thu Feb 08 03:50:56 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.