IBM Support

Key Management Interoperability Protocol (KMIP) profiles supported by IBM Security Guardium Key Lifecycle Manager

Question & Answer


Question

What are the various KMIP profiles supported by IBM Security Guardium Key Lifecycle Manager?

Answer

Note: With V4.1, IBM Security Key Lifecycle Manager is renamed as IBM Security Guardium Key Lifecycle Manager.
The following sections list the supported profiles for KMIP server and client interactions per IBM Security Guardium Key Lifecycle Manager version:

IBM Security Guardium Key Lifecycle Manager V4.2.x.x
  • Basic Discover Versions Server Profile
  • Basic Baseline Server KMIP Profile
  • Basic Secret Data Server KMIP Profile
  • Basic Symmetric Key Store and Server KMIP Profile
  • Basic Symmetric Key Foundry and Server KMIP Profile
  • Basic Asymmetric Key Store Server KMIP Profile
  • Basic Asymmetric Key and Certificate Store Server KMIP Profile
  • Basic Asymmetric Key Foundry and Server KMIP Profile
  • Basic Certificate Server KMIP Profile (except PEM certificate format)
  • Basic Asymmetric Key Foundry and Certificate Server KMIP Profile (except PEM certificate format)
  • Discover Versions TLS 1.2 Authentication Server Profile
  • Baseline Server TLS 1.2 Authentication KMIP Profile
  • Secret Data Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key and Certificate Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Asymmetric Key Foundry and Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Suite B Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Symmetric Key Foundry Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Asymmetric Key Lifecycle Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Symmetric Key Lifecycle Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Storage Array with Self-Encrypting Drives Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Tape Library Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • HTTPS Message Encoding Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • JSON Message Encoding Version, 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • XML Message Encoding Version 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Opaque Managed Object Store Version 1.0, 1,1, 1.2, 1.3, 1.4, 2.0, and 2.1 KMIP Profile
  • Basic Cryptographic Mandatory KMIP Profile
  • Mandatory Quantum Safe KMIP Profile
  • Baseline Mandatory KMIP Profile  
  • Import Export KMIP Profile
  • Set Attribute KMIP Profile
  • EC cryptographic algorithm KMIP Profile
  • Support for Offset parameter in Locate KMIP Profile

IBM Security Guardium Key Lifecycle Manager V4.0 and V4.1.x.x
  • Basic Discover Versions Server Profile
  • Basic Baseline Server KMIP Profile
  • Basic Secret Data Server KMIP Profile
  • Basic Symmetric Key Store and Server KMIP Profile
  • Basic Symmetric Key Foundry and Server KMIP Profile
  • Basic Asymmetric Key Store Server KMIP Profile
  • Basic Asymmetric Key and Certificate Store Server KMIP Profile
  • Basic Asymmetric Key Foundry and Server KMIP Profile
  • Basic Certificate Server KMIP Profile (except PEM certificate format)
  • Basic Asymmetric Key Foundry and Certificate Server KMIP Profile (except PEM certificate format)
  • Discover Versions TLS 1.2 Authentication Server Profile
  • Baseline Server TLS 1.2 Authentication KMIP Profile   
  • Secret Data Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key and Certificate Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Asymmetric Key Foundry and Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Suite B Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • Symmetric Key Foundry Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • Asymmetric Key Lifecycle Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • Symmetric Key Lifecycle Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • Storage Array with Self-Encrypting Drives Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • Tape Library Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • HTTPS Message Encoding Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • JSON Message Encoding Version, 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • XML Message Encoding Version 1.0, 1.1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile
  • Opaque Managed Object Store Version 1.0, 1,1, 1.2, 1.3, 1.4, and 2.0 KMIP Profile

IBM Security Key Lifecycle Manager V3.0 and V3.0.1
  • Basic Discover Versions Server Profile
  • Basic Baseline Server KMIP Profile
  • Basic Secret Data Server KMIP Profile
  • Basic Symmetric Key Store and Server KMIP Profile
  • Basic Symmetric Key Foundry and Server KMIP Profile
  • Basic Asymmetric Key Store Server KMIP Profile
  • Basic Asymmetric Key and Certificate Store Server KMIP Profile
  • Basic Asymmetric Key Foundry and Server KMIP Profile
  • Basic Certificate Server KMIP Profile (except PEM certificate format)
  • Basic Asymmetric Key Foundry and Certificate Server KMIP Profile (except PEM certificate format)
  • Discover Versions TLS 1.2 Authentication Server Profile
  • Baseline Server TLS 1.2 Authentication KMIP Profile   
  • Secret Data Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key and Certificate Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Asymmetric Key Foundry and Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Symmetric Key Foundry Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • Asymmetric Key Lifecycle Version 1.0, 1.1, 1.2, 1.3 and V1.4 KMIP Profile
  • Symmetric Key Lifecycle Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • Storage Array with Self-Encrypting Drives Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • Tape Library Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • HTTPS Message Encoding Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • JSON Message Encoding Version, 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • XML Message Encoding Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile
  • Opaque Managed Object Store Version 1.0, 1,1, 1.2, 1.3 and 1.4 KMIP Profile
  • Suite B Version 1.0, 1.1, 1.2, 1.3 and 1.4 KMIP Profile

IBM Security Key Lifecycle Manager V2.7 
  • Basic Discover Versions Server Profile
  • Basic Baseline Server KMIP Profile
  • Basic Secret Data Server KMIP Profile
  • Basic Symmetric Key Store and Server KMIP Profile
  • Basic Symmetric Key Foundry and Server KMIP Profile
  • Basic Asymmetric Key Store Server KMIP Profile
  • Basic Asymmetric Key and Certificate Store Server KMIP Profile
  • Basic Asymmetric Key Foundry and Server KMIP Profile
  • Basic Certificate Server KMIP Profile (except PEM certificate format)
  • Basic Asymmetric Key Foundry and Certificate Server KMIP Profile (except PEM certificate format)
  • Discover Versions TLS 1.2 Authentication Server Profile
  • Baseline Server TLS 1.2 Authentication KMIP Profile
  • Secret Data Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key and Certificate Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Asymmetric Key Foundry and Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Symmetric Key Foundry Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • Asymmetric Key Lifecycle Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • Symmetric Key Lifecycle Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • Storage Array with Self- Encrypting Drives Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • Tape Library Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • HTTPS Message Encoding Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • JSON Message Encoding Version, 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • XML Message Encoding Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile
  • Opaque Managed Object Store Version 1.0, 1,1, 1.2, and 1.3 KMIP Profile
  • Suite B Version 1.0, 1.1, 1.2, and 1.3 KMIP Profile

 IBM Security Key Lifecycle Manager V2.6
  • Basic Discover Versions Server Profile
  • Basic Baseline Server KMIP Profile
  • Basic Secret Data Server KMIP Profile
  • Basic Symmetric Key Store and Server KMIP Profile
  • Basic Symmetric Key Foundry and Server KMIP Profile
  • Basic Asymmetric Key Store Server KMIP Profile
  • Basic Asymmetric Key and Certificate Store Server KMIP Profile
  • Basic Asymmetric Key Foundry and Server KMIP Profile
  • Basic Certificate Server KMIP Profile (except PEM certificate format)
  • Basic Asymmetric Key Foundry and Certificate Server KMIP Profile (except PEM certificate format)
  • Discover Versions TLS 1.2 Authentication Server Profile
  • Baseline Server TLS 1.2 Authentication KMIP Profile
  • Secret Data Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile
  • Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key and Certificate Store Server TLS 1.2 Authentication KMIP Profile
  • Asymmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile
  • Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Asymmetric Key Foundry and Certificate Server TLS 1.2 Authentication KMIP Profile (except PEM certificate format)
  • Symmetric Key Foundry Version 1.0, 1.1, and 1.2 KMIP Profile
  • Asymmetric Key Lifecycle Version 1.0, 1.1, and 1.2 KMIP Profile
  • Symmetric Key Lifecycle Version 1.0, 1.1, and 1.2 KMIP Profile
  • Storage Array with Self- Encrypting Drives Version 1.0, 1.1, and 1.2 KMIP Profile
  • Tape Library Version 1.0, 1.1, and 1.2 KMIP Profile
  • HTTPS Message Encoding Version 1.0, 1.1, and 1.2 KMIP Profile
  • JSON Message Encoding Version, 1.0, 1.1, and 1.2 KMIP Profile
  • XML Message Encoding Version 1.0, 1.1, and 1.2 KMIP Profile
  • Opaque Managed Object Store Version 1.0, 1,1, and 1.2 KMIP Profile
  • Suite B Version 1.0, 1.1, and 1.2 KMIP Profile

For more information about profiles, see KMIP Profiles 1.4 documentation (
http://docs.oasis-open.org/kmip/profiles/v1.4/os/kmip-profiles-v1.4-os.html
)

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTJE47","label":"IBM Security Guardium Key Lifecycle Manager"},"ARM Category":[{"code":"a8m0z000000cvdLAAQ","label":"SKLM"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
16 August 2023

UID

swg22008933