Introduction
This article goes over solving Vault KMIP integration with MongoDB error when they key is unable to be retrieved due to not being active.
Problem
When either upgrading or setting up V6 of MongoDB and connecting or re-connecting Vault KMIP Secrets Engine to MongoDB, there may be an error such as below.
{"t":{"$date":"2022-08-16T12:00:30.669-08:00"},"s":"E", "c":"STORAGE", "id":12345, "ctx":"initandlisten","msg":"Unable to retrieve key","attr":{"keyId":".system","error":{"code":2,"codeName":"BadValue","errmsg":"State of KMIP Key for ESE is not active on startup. UID: (Flth4noAiAsPmJCUfGbuRcrW4JLgzSMq). State: preActive"}}}
Cause
There is a new option in MongoDB V6 named kmipActivateKeys
. This value should be set to YES
in order to function properly.