[SERVER-62942] Mongo node should not check active status of KMIP key when rotating Created: 24/Jan/22  Updated: 29/Oct/23  Resolved: 04/Feb/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.3.0

Type: Bug Priority: Major - P3
Reporter: Shreyas Kalyan Assignee: Shreyas Kalyan
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Security 2022-02-07
Participants:

 Description   

When rotating a key, it does not make sense to check the active status of a key that the node is rotating off of. If the user is trying to rotate the key because it has been deactivated, we would still want to continue with the key rotation, which is not the current behavior. Instead we see - `{"t":

{"$date":"2022-01-24T21:13:35.429+00:00"}

,"s":"E", "c":"STORAGE", "id":24248, "ctx":"initandlisten","msg":"Unable to retrieve key","attr":{"keyId":".system","error":

{"code":2,"codeName":"BadValue","errmsg":"State of KMIP Key for ESE is not active on startup. UID: (1). State: deactivated"}

}}`



 Comments   
Comment by Githook User [ 04/Feb/22 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@10gen.com', 'username': 'shreyaskalyan'}

Message: SERVER-62942 Mongo node should not check active status of KMIP key when rotating
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/0d39581caf9d2f4077abf72cb365f76f2123a8f2

Generated at Thu Feb 08 05:56:29 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.