ciphertrust-manager

This MCP server provides a Python-based implementation of the Model Context Protocol (MCP) to interact with CipherTrust Manager resources. It exposes a JSON-RPC interface over stdin/stdout, allowing AI assistants or tooling to perform operations such as key management, CTE client management, user management, and connection management through a unified protocol. The server reads configuration from environment variables or a .env file, where you specify the CipherTrust Manager URL, credentials, and SSL verification behavior. Once running, you can use the inspector tools or your own JSON-RPC client to send requests and receive structured responses from the CipherTrust Manager.

To run and test locally, ensure your environment variables are set (either in a .env file or in the shell) and start the server using the provided command. The available tooling includes: key management (list, create, delete, rotate keys), CTE client management (list, add, remove), user management (list users, create users, assign roles), and connection management (list, configure connections). The testing sections in the repository describe both manual JSON-RPC testing and automated testing via the MCP Inspector UI and CLI. The MCP inspector and prompts examples show typical tool calls and system information queries you can perform to validate behavior and integration with AI assistants like Claude or Cursor.

Prerequisites:

• Git
• Python 3.11 or higher
• uv (Python dependency manager for development)
• Access to a CipherTrust Manager instance

Installation steps:

1. Clone the repository:

git clone https://github.com/sanyambassi/ciphertrust-manager-mcp-server.git
cd ciphertrust-manager-mcp-server

2. Create and activate a Python virtual environment, then install dependencies in editable mode:

uv venv
.venv\Scripts\activate  # Windows
# or
source .venv/bin/activate  # Unix/macOS
uv pip install -e .

3. Prepare environment configuration. Copy the example and edit as needed:

cp .env.example .env

Edit CIPHERTRUST_URL, CIPHERTRUST_USER, CIPHERTRUST_PASSWORD, and CIPHERTRUST_NOSSLVERIFY in the .env file or export them in your shell. 4) Run the MCP server:

uv run ciphertrust-mcp-server

Or, if you prefer module execution:

uv run python -m ciphertrust_mcp_server.__main__

Prerequisites details are covered in the README under Prerequisites and Installation sections, including Windows-specific setup and alternative installation paths using winget.

Tips and notes:

• The server communicates via JSON-RPC over standard input/output; use the MCP Inspector UI or your own JSON-RPC client for testing.
• Ensure CIPHERTRUST_URL points to a reachable CipherTrust Manager instance and that the user has appropriate permissions.
• If you encounter SSL verification issues, you can set CIPHERTRUST_NOSSLVERIFY=true, but be aware of security implications in production.
• The environment variables can be supplied via a .env file or directly in the environment; the README shows an example configuration.
• For integration with AI assistants, you typically define an mcp.json in your assistant’s configuration with the mcpServers entry, including the command path to the local ciphertrust-mcp-server executable in the virtual environment.
• If you update dependencies, re-run the installation steps to ensure the editable install reflects changes.