[DOCS] Update kmip.mdx to add Cert Authority details (#23907)

* Update kmip.mdx to add Cert Authority details * Update website/content/docs/secrets/kmip.mdx Accepted suggestion Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2026-06-06 23:32:43 -04:00 · 2024-04-08 12:51:05 -07:00 · 2024-04-08 12:51:05 -07:00 · d1fda882a5
commit d1fda882a5
parent 9c12a6acc7
1 changed files with 9 additions and 0 deletions
--- a/website/content/docs/secrets/kmip.mdx
+++ b/website/content/docs/secrets/kmip.mdx
@ -74,6 +74,15 @@ requests.
    ```text
    $ vault write kmip/config listen_addrs=0.0.0.0:5696
    ```
+### KMIP Certificate Authority for Client Certificates
+
+When the KMIP Secrets Engine is initially configured, Vault generates a KMIP 
+Certificate Authority (CA) whose only purpose is to authenticate KMIP client
+certificates.
+
+Vault uses the internal KMIP CA to generate certificates for clients
+authenticating to Vault with the KMIP protocol. You cannot import external KMIP
+authorities. All KMIP authentication must use the internally-generated KMIP CA.

 ## Usage