Golang Client-side Encryption With Alt Key

I’ve been trying to setup mongo client-side encryption (cse) in a golang application I am building. I’ve been following these guides to help me get started:

I’ve managed to create a key and write it to the KeyVaultNamespace. It shows up in mongodb under the key vault collection, and I can see that it has an altname of ‘mykey’. But with the following cse validation schema:

`{
	"bsonType": "object",
	"encryptMetadata": {
		"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random",
		"keyId": "/mykey"
	},
	"properties": {
		"config": {
			"encrypt": {
				"bsonType": "object"
			}
		}
	}
}`

I get errors like this:

 mongocryptd communication error: (Location51114) keyId pointer '/mykey' must point to a field that exists

What am I doing wrong? I’ve followed the sample code above and have read through the official guide multiple times at this point. Any assistance would be helpful.

1 Like

Hey there, did you managed to get it running? I got the same error on my setup.

the inserted document should have a field mykey with value containing the alt_name of DEK.