In this procedure, you will encrypt the database of a single instance of MongoDB using KMIP key manager. This procedure uses the PyKMIP implementation in Python. This implementation is acceptable for testing, but is not safe for a production environment.
1.Launch mongod with the configuration file shown below:
mongod -f cf.yaml
systemLog:
destination: file
path: /home/vagrant/data/mongodb.log
storage:
dbPath: /home/vagrant/data
processManagement:
fork: true
security:
authorization: disabled
enableEncryption: true
kmip:
serverName: infrastructure.m310.mongodb.university
serverCAFile: /home/vagrant/shared/certs/ca.pem
clientCertificateFile: /home/vagrant/shared/certs/client.pem
net:
bindIp: database.m310.mongodb.university
port: 31260
•When setting the serverCAFile and clientCerficateFile, be sure to use full path names, not relative path names.