keyServerKmip

Contributors netapp-mwallis Download PDF of this page

The keyServerKmip object describes a Key Management Interoperability Protocol (KMIP) key server, which is a location for retrieving authentication keys for use with cluster features such as Encryption at Rest.

Object members

This object contains the following members:

Name Description Type

keyProviderID

If this KMIP key server is assigned to a provider, this member contains the ID of the KMIP key provider it is assigned to. Otherwise this member is null.

integer

keyServerID

The ID of the KMIP key server. This is a unique value assigned by the cluster during key server creation. This value cannot be changed.

integer

kmipAssignedProviderIsActive

If this KMIP key server is assigned to a provider (keyProviderID is not null), this member indicates whether that provider is active (providing keys which are currently in use). Otherwise, this member is null.

boolean

kmipCaCertificate

The public key certificate of the external key server’s root CA. This is used to verify the certificate presented by the external key server in the TLS communication. For key server clusters where individual servers use different CAs, this member contains a concatenated string of the root certificates of all the CAs.

string

kmipClientCertificate

A PEM format Base64 encoded PKCS#10 X.509 certificate used by the Element storage KMIP client.

string

kmipKeyServerHostnames

The hostnames or IP addresses associated with this KMIP key server.

string array

kmipKeyServerName

The name of the KMIP key server. This name is only used for display purposes and does not need to be unique.

string

kmipKeyServerPort

The port number associated with this KMIP key server (typically 5696).

integer