CreateKeyServerKmip
You can use the CreateKeyServerKmip
method to create a Key Management Interoperability Protocol (KMIP) key server with the specified attributes. During creation, the server is not contacted; it does not need to exist before you use this method. For clustered key server configurations, you must provide the hostnames or IP addresses of all server nodes in the kmipKeyServerHostnames parameter. You can use the TestKeyServerKmip
method to test a key server.
Parameters
This method has the following input parameters:
Name | Description | Type | Default value | Required |
---|---|---|---|---|
kmipCaCertificate |
The public key certificate of the external key server's root CA. This will be used to verify the certificate presented by external key server in the TLS communication. For key server clusters where individual servers use different CAs, provide a concatenated string containing the root certificates of all the CAs. |
string |
None |
Yes |
kmipClientCertificate |
A PEM format Base64 encoded PKCS#10 X.509 certificate used by the Solidfire KMIP client. |
string |
None |
Yes |
kmipKeyServerHostnames |
Array of the hostnames or IP addresses associated with this KMIP key server. Multiple hostnames or IP addresses must only be provided if the key servers are in a clustered configuration. |
string array |
None |
Yes |
kmipKeyServerName |
The name of the KMIP key server. This name is only used for display purposes and does not need to be unique. |
string |
None |
Yes |
kmipKeyServerPort |
The port number associated with this KMIP key server (typically 5696). |
integer |
None |
No |
Return values
This method has the following return values:
Name |
Description |
Type |
kmipKeyServer |
An object containing details about the newly created key server. |
Request example
Requests for this method are similar to the following example:
{ "method": "CreateKeyServerKmip", "params": { "kmipCaCertificate": "MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/E...", "kmipClientCertificate": "dKkkirWmnWXbj9T/UWZYB2oK0z5...", "kmipKeyServerHostnames" : ["server1.hostname.com", "server2.hostname.com"], "kmipKeyServerName" : "keyserverName", "kmipKeyServerPort" : 5696 }, "id": 1 }
Response example
This method returns a response similar to the following example:
{ "id": 1, "result": { "kmipKeyServer": { "kmipCaCertificate":"MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/E...", "kmipKeyServerHostnames":[ "server1.hostname.com", "server2.hostname.com" ], "keyProviderID":1, "kmipKeyServerName":"keyserverName", "keyServerID":1 "kmipKeyServerPort":1, "kmipClientCertificate":"dKkkirWmnWXbj9T/UWZYB2oK0z5...", "kmipAssignedProviderIsActive":true } } }
New since version
11.7