Skip to content

Commit

Permalink
Loading
Loading status checks…
backport of commit d1fda88 (#26302)
Browse files Browse the repository at this point in the history 
Co-authored-by: James Bayer <[email protected]>
  • Loading branch information
@hc-github-team-secure-vault-core @jbayer
hc-github-team-secure-vault-core and jbayer authored Apr 8, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode
1 parent 049dc66 commit 3707990
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions website/content/docs/secrets/kmip.mdx
View file
Original file line number Diff line number Diff line change
@@ -74,6 +74,15 @@ requests.
```text
$ vault write kmip/config listen_addrs=0.0.0.0:5696
```
### KMIP Certificate Authority for Client Certificates

When the KMIP Secrets Engine is initially configured, Vault generates a KMIP
Certificate Authority (CA) whose only purpose is to authenticate KMIP client
certificates.

Vault uses the internal KMIP CA to generate certificates for clients
authenticating to Vault with the KMIP protocol. You cannot import external KMIP
authorities. All KMIP authentication must use the internally-generated KMIP CA.

## Usage

0 comments on commit 3707990

Please sign in to comment.