DOCSP-7525 clarify how to specify multiple KMIP hosts (#2792)

* DOCSP-7525 clarify how to specify multiple KMIP hosts

* Revert "DOCSP-7525 clarify how to specify multiple KMIP hosts"

This reverts commit d30444820aa98d882e347694aa2ad6c41f0623c0.

* internal review -- seealso

* external review feedback

* fix up merge conflicts

Author: jmd-mongo

source/includes/fact-specify-kmip-serverName.rst

@@ -0,0 +1,15 @@
+Starting in MongoDB 4.2.1 (and 4.0.14), you can specify multiple KMIP 
+servers as a comma-separated list.
+
+.. example::
+
+   To specify both ``server1.example.com`` and ``server2.example.com`` 
+   as KMIP servers, set |kmipServerName| to ``"server1.example.com,server2.example.com"``. 
+
+You cannot specify the port number in |kmipServerName|. Instead,
+specify the port with |kmipPort|. You may only specify one port and 
+each host must use that port. 
+
+On startup, :binary:`~bin.mongod` attempts to establish a connection to 
+each server in the order listed and selects the first server it can
+connect to. KMIP server selection only occurs at startup.

source/reference/configuration-options.txt

@@ -2858,16 +2858,12 @@ Key Management Configuration Options
    *Type*: string
 
 
-   Hostname or IP address of the KMIP server to connect to. Requires
-   :setting:`security.enableEncryption` to be true.
+   Hostname or IP address of the KMIP server to connect to. 
+   :setting:`security.enableEncryption` must be set to ``true``.
 
-   Starting in MongoDB 4.2.1 (and 4.0.14), you can specify multiple KMIP
-   servers as a comma-separated list, e.g.
-   ``server1.example.com,server2.example.com``. On startup, the
-   :binary:`~bin.mongod` will attempt to establish a connection to each
-   server in the order listed, and will select the first server to
-   which it can successfully establish a connection. KMIP server
-   selection occurs only at startup.
+   .. |kmipServerName| replace:: ``security.kmip.serverName``
+   .. |kmipPort| replace:: ``security.kmip.port``
+   .. include:: /includes/fact-specify-kmip-serverName.rst
 
    .. include:: /includes/reference/fact-connection-check.rst
 

source/reference/program/mongod.txt

@@ -3129,17 +3129,15 @@ Encryption Key Management Options
 
 
 .. option:: --kmipServerName <string>
-   
+
+   .. _specify-mulitple-kmip-servers:
+
    Hostname or IP address of the KMIP server to connect to. Requires
    :option:`--enableEncryption`.
 
-   Starting in MongoDB 4.2.1, you can specify multiple KMIP
-   servers as a comma-separated list, e.g.
-   ``server1.example.com,server2.example.com``. On startup, the
-   :binary:`~bin.mongod` will attempt to establish a connection to each
-   server in the order listed, and will select the first server to
-   which it can successfully establish a connection. KMIP server
-   selection occurs only at startup.
+   .. |kmipServerName| replace:: ``security.kmip.serverName``
+   .. |kmipPort| replace:: ``security.kmip.port``
+   .. include:: /includes/fact-specify-kmip-serverName.rst
 
    .. _KMIP-subject-alternative-name-CN:
 

source/tutorial/configure-encryption.txt

@@ -105,6 +105,10 @@ generates for each database.
           --kmipServerCAFile ca.pem \
           --kmipClientCertificateFile client.pem
 
+The {+dek-long+} is unique for each server process. That is, if there 
+are three replica set members, each replica set member has a unique 
+{+dek-long+}.
+
 .. include:: /includes/reference/fact-connection-check.rst
 
 To verify that the key creation and usage was successful, check the log
@@ -117,7 +121,8 @@ file. If successful, the process will log the following messages:
 
 .. seealso::
 
-   :ref:`encryption-key-management-options`
+   - :ref:`encryption-key-management-options`
+   - :ref:`Specify Multiple KMIP Servers <specify-mulitple-kmip-servers>`
 
 .. _encrypt-with-existing-key:
 
@@ -152,7 +157,8 @@ manages. To use an existing key, use these options when you start
 
 .. seealso::
 
-   :ref:`encryption-key-management-options`
+   - :ref:`encryption-key-management-options`
+   - :ref:`Specify Multiple KMIP Servers <specify-mulitple-kmip-servers>`
 
 .. _encrypt-local-key-mgmt:
 
@@ -208,7 +214,8 @@ accessible by the owner of the :binary:`~bin.mongod` process.
 
 .. seealso::
 
-   :ref:`encryption-key-management-options`
+   - :ref:`encryption-key-management-options`
+   - :ref:`Specify Multiple KMIP Servers <specify-mulitple-kmip-servers>`
 
 .. _encrypt-existing-data: