I went through a few KMIP specification and found all of these say that Name attribute SHALL be unique in the domain. However current barbican does not assign Name attribute and use the constant defined in pykmip. I'm not faimiar with kmip but this looks like a bug in the current kmip plugin in Barbican. However, the pykmip library has not been well maintained recently and especially it is known to be incompatible with recent releases of the cryptography library[1]. We reached the maintainer multiple times to request a new release to mitigate the incompatibility but we have never get any update about it, so the plugin was deprecated 2024.2 release[2]. So the problem may not very likely be fixed. [1] https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.... [2] https://review.opendev.org/c/openstack/barbican/+/916619 On 10/31/24 5:38 PM, przemyslaw.kuczynski@ochk.pl wrote:

Why KMIP integration always create OPAQUE secret with name Opaque Object . There can be created only 1 entry Is there bug ? https://bugs.launchpad.net/barbican/+bug/2033620