Appendix
Troubleshooting
You might encounter some issues while performing the integration steps mentioned in the previous sections. Mentioned below are some of the most common issues and the ways you can resolve them:
| Issue | Error Message | Remediation |
|---|---|---|
| KMIP auto-registration is not enabled | The following error message is displayed in the CipherTrust Manager Records:"errorMessage": "Unregistered client, please register a new client from CLI or API or UI." | Check whether the Auto registration option is selected in Admin Settings > System Interfaces > kmip. If it is not selected, turn on the Auto registration option. Refer to Configuration steps for CipherTrust Manager using the GUI or ksctl. |
| Incorrect KMIP interface mode has been selected | The following error message is displayed in the mongod logs:"initandlisten Unable to retrieve key .system, error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name." | Check whether the mode selected in Admin Settings > System Interfaces > kmip is "TLS, verify client cert, allow anonymous logins" or not. If not, make appropriate changes. |
| Error when enabling data encryption | The following error message is displayed in the mongod logs:"Unable to retrieve key .system, error: there are existing data files, but no valid keystore could be located." | Check whether the directory "/var/lib/mongodb" is empty or not. If not, clear all contents of this directory and try enabling the encryption again |
