The automatic feature of field level encryption is only available in MongoDB 4.2 Enterprise and MongoDB Atlas 4.2 clusters.
- Parses the automatic encryption rules specified to the database
connection. Automatic encryption rules use a strict subset of
JSON schema syntax. If the automatic encryption rules contains invalid
automatic encryption syntax or any
mongocryptdreturns an error.
- Uses the specified automatic encryption rules to mark fields in read and write operations for encryption.
- Reject read/write operations that may return unexpected or incorrect results when applied to an encrypted field. See Read/Write Support with Automatic Field Level Encryption for more information.
mongocryptd is only responsible for supporting automatic
client-side field level encryption and does not perform encryption
or decryption. MongoDB 4.2-compatible drivers use the Apache-licensed
library for performing client-side field level encryption and
The official MongoDB 4.2-compatible drivers and the 4.2
mongo shell require access to the
on the client host machine. The 4.2-compatible drivers and 4.2
mongo shell by default search for the
process in the system PATH. See Installation for more
complete documentation on installing
If the 4.2-compatible driver has access to the
by default the driver manages the spawning of the
process. The 4.2-compatible drivers may have additional options for
specifying the path to or the spawning behavior of the
For supported Linux Operating Systems, follow the documented
installation instructions and install the
package. Alternatively, specify
mongodb-enterprise-cryptd instead to
install only the
mongocryptd binary. The package manager installs
the binaries to a location in the system PATH (e.g.
For OSX, install the Server package. The package manager installs binaries to a location in the system PATH.
For Windows, install the
You must add the
mongocryptd package to your system PATH after
installation. Defer to documented best practices for your Windows
installation for instructions on adding the
mongocryptd binary to
the system PATH.
For installations via an official tarball or ZIP archive,
follow the documented best practices for your operating system to add
mongocryptd binary to your system PATH.