Red Hat CERTIFICATE SYSTEM 8.0 - RELEASE NOTES Release Note page 15

Bug Number
478909
480143
480825
481177
481790
483184
490551
490782
490814
491000
491185
492180
492189
492361
499291
499439
500698
501336
502861
503045
Description
In some situations, the internal LDAP database for a CA could run out of connecti
operations to get and set serial numbers.
SELinux errors at the time an instance was created could potentially prevent the c
TKS, or RA.
The publisher ignored the encoding parameter and always published files in base-
Normally, when a certificate is published to a file, and then the certificate is revoke
revoked certificate. However, base-64 encoded files were not being unpublished b
If a value other than a UUID was set for the OtherName parameter for the Subjec
alternative name was ignored and not included in the issued certificate.
Attempting to add or register a custom authentication plug-in to the CA configurati
IO exception errors, and adding the plug-in failed.
The key size is now selectable in end-entity forms, so the same profile can be use
for example. The fully range is 512 bits to 8192 bits, for RSA keys.
The security officer token was reset whenever the Enterprise Security Client esc-
officer mode to regular mode. The security officer token was mistakenly being form
format operation.
The format operation for a token updates its master key from the default to a new
set in the TPS CS.cfg. Whenever master key changeover occurred, the formatte
new master key version did not match the one in the TPS configuration. However,
configuration prevented new tokens (with the default master key) from being enrol
New configuration parameters have been added to allow the TPS configuration to
indexed key version.
Trying to format or re-enroll a formatted security officer token caused the Enterpris
window because the command to revoke the existing certificates failed.
All of the schema and elements implemented according to RFC 2256 have been u
Trying to enroll a temporary token for a security officer with a lost token failed with
was lost. The actual error was that key generation failed.
A security officer token that was a temporarily lost state could be used to log into t
An improved error message has been added to clarify why the enrollment operatio
token which was enrolled to a different user.
Installing the Enterprise Security Client on Microsoft Windows Vista was interrupte
eginstall.exe drivers, which are not shipped with Vista.
The tokens activities display page was hard-coded to display only 25 entries, rega
has been removed.
If a CA, TKS, or TPS were installed on an HSM, the subsystem could crash after a
more). A memory leak in the token operation exhausted the memory on the HSM.
The Enterprise Security Client hung if a user attempted to re-enroll a token when t
(RE_ENROLL=NO).
Attempting to enroll a certificate through the Signed CMC Authentication User Cer
authorization error.
Attempting to perform a CMC revocation through the end-entities services pages f
authorization error.
Bugs Fixed in Certificate System 8.0
15