CipherTrust Manager Integration with MongoDB
MongoDB is a document database designed for the ease of development and scaling. The Enterprise Edition of MongoDB lets you encrypt data files such that only users with the decryption key can decode and read the data.
If encryption is enabled, MongoDB Enterprise uses the the AES256-CBC via OpenSSL as default encryption mode. AES-256 uses a symmetric key (same key to encrypt and decrypt the text). CipherTrust Manager can be integrated with MongoDB to act as an external Key Management Server.
Supported Product Versions
Note
The integration is performed and certified on LTS release versions of CipherTrust Manager only. Feature releases support the integration and are covered under technical support but will not be explicitly certified. To know more about CipherTrust Manager release versions, click here.
CipherTrust Manager
- CipherTrust Manager 2.4 and higher
MongoDB Version
- MongoDB Enterprise 4.0 and higher
Prerequisites
Ensure that the CipherTrust Manager is installed and configured. For more details, refer to the CipherTrust Manager documentation.
MongoDB communicates with the CipherTrust Manager using the KMIP interface. Ensure that the KMIP interface is configured on the CipherTrust Manager. Refer to the CipherTrust Manager Administration Guide for details.
IP address of the CipherTrust Manager and port of the KMIP interface must be accessible from MongoDB.
CipherTrust Manager recognizes only registered KMIP clients. Ensure that KMIP client is registered.
