KMIP Server Configuration

KMIP (Key Management Interoperability Protocol) enables the secure creation and storage of keys and other security objects on a key management server.

Note: You can also use an HSM (Hardware Security Module) to store the Admin Key. For details, see Hardware Security Modules with Cryptographic Security Platform Vault.

In addition, Cryptographic Security Platform Vault includes a fully functional KMIP server that you can use to serve requests from external KMIP clients. The Cryptographic Security Platform Vault KMIP server supports KMIP versions 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, 2.1, and 3.0. The KMIP server is required if you want to use Cryptographic Security Platform Vault with VMs and VSAN datastores encrypted by vSphere. For details, see Cryptographic Security Platform Vault with VSAN and VMware vSphere VM Encryption.

If you have linked Cryptographic Security Platform Vault with an Entrust CloudControl server version 5.1 or later, the Inventory feature in CloudControl provides an identifier that links each VM with its associated KMIP objects.

For details on KMIP, see the KMIP Technical Committee home page. For troubleshooting and error messages, see KMIP Errors and Troubleshooting.