Appendix
Troubleshooting
You might encounter some issues while performing the integration steps mentioned in the previous sections. Mentioned below are some of the most common issues and the ways you can resolve them:
Issue | Error Message | Remediation |
---|---|---|
KMIP auto-registration is not enabled | The following error message is displayed in the CipherTrust Manager Records:"errorMessage": "Unregistered client, please register a new client from CLI or API or UI." | Check whether the Auto registration option is selected in Admin Settings > System Interfaces > kmip. If it is not selected, turn on the Auto registration option. Refer to Configuration steps for CipherTrust Manager using the GUI or ksctl. |
Incorrect KMIP interface mode has been selected | The following error message is displayed in the mongod logs:"initandlisten Unable to retrieve key .system, error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name." | Check whether the mode selected in Admin Settings > System Interfaces > kmip is "TLS, verify client cert, allow anonymous logins" or not. If not, make appropriate changes. |
For any errors encountered while enabling the encryption | Clean up the contents in this directory using the command: sudo rm -rf /var/lib/mongodb/* . Now, retry enabling the encryption. |