CreateKeyServerKmip

You can use the CreateKeyServerKmip method to create a Key Management Interoperability Protocol (KMIP) key server with the specified attributes. During creation, the server is not contacted; it does not need to exist before you use this method. For clustered key server configurations, you must provide the hostnames or IP addresses of all server nodes in the kmipKeyServerHostnames parameter. You can use the TestKeyServerKmip method to test a key server.

Parameters

This method has the following input parameters:

Name Description Type Default value Required
kmipCaCertificate The public key certificate of the external key server’s root CA. This will be used to verify the certificate presented by external key server in the TLS communication. For key server clusters where individual servers use different CAs, provide a concatenated string containing the root certificates of all the CAs. string None Yes
kmipClientCertificate A PEM format Base64 encoded PKCS#10 X.509 certificate used by the Solidfire KMIP client. string None Yes
kmipKeyServerHostnames Array of the hostnames or IP addresses associated with this KMIP key server. Multiple hostnames or IP addresses must only be provided if the key servers are in a clustered configuration. string array None Yes
kmipKeyServerName The name of the KMIP key server. This name is only used for display purposes and does not need to be unique. string None Yes
kmipKeyServerPort The port number associated with this KMIP key server (typically 5696). integer None No

Return values

This method has the following return values:

Name Description Type
kmipKeyServer An object containing details about the newly created key server. KeyServerKmip

Request example

Requests for this method are similar to the following example:

{
  "method": "CreateKeyServerKmip",
  "params": {
    "kmipCaCertificate": "MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/E...",
    "kmipClientCertificate": "dKkkirWmnWXbj9T/UWZYB2oK0z5...",
    "kmipKeyServerHostnames" : ["server1.hostname.com", "server2.hostname.com"],
    "kmipKeyServerName" : "keyserverName",
    "kmipKeyServerPort" : 5696
  },
"id": 1
}

Response example

This method returns a response similar to the following example:

{
   "id": 1,
   "result": 
      {
        "kmipKeyServer": {
            "kmipCaCertificate":"MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/E...",
            "kmipKeyServerHostnames":[
                "server1.hostname.com", "server2.hostname.com"
            ],
            "keyProviderID":1,
            "kmipKeyServerName":"keyserverName",
            "keyServerID":1
            "kmipKeyServerPort":1,
            "kmipClientCertificate":"dKkkirWmnWXbj9T/UWZYB2oK0z5...",
            "kmipAssignedProviderIsActive":true
        }
    }
}

New since version

11.7