Skip to content

Commit

Permalink
backport of commit d1fda88 (#26302)
Browse files Browse the repository at this point in the history 
Co-authored-by: James Bayer <1139532+jbayer@users.noreply.github.com>
  • Loading branch information
@hc-github-team-secure-vault-core @jbayer
hc-github-team-secure-vault-core and jbayer authored Apr 8, 2024
1 parent 049dc66 commit 3707990
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions website/content/docs/secrets/kmip.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,15 @@ requests.
```text
$ vault write kmip/config listen_addrs=0.0.0.0:5696
```
### KMIP Certificate Authority for Client Certificates

When the KMIP Secrets Engine is initially configured, Vault generates a KMIP
Certificate Authority (CA) whose only purpose is to authenticate KMIP client
certificates.

Vault uses the internal KMIP CA to generate certificates for clients
authenticating to Vault with the KMIP protocol. You cannot import external KMIP
authorities. All KMIP authentication must use the internally-generated KMIP CA.

## Usage

Expand Down

0 comments on commit 3707990

Please sign in to comment.