Table of Contents
Advertisement
1.1. Certificate Renewal
Certificate renewal for all Certificate System-issued certificates has been reintroduced using the new
profile framework. There are a number of new profiles to use for renewal, including encryption and
signing certificates for both standard use and on tokens, and server certificate renewal. New inputs
have been added to manage certificate renewal, so corresponding renewal profiles can be created for
custom enrollment profiles.
1.2. Improved Subsystem Cloning
Cloning has been enhanced with distributed numeric assignments logic so that cloned CAs can
efficiently divide and use serial numbers for certificates without becoming blocked because of
inadequate serial number ranges.
1.3. Stronger SELinux Policies
SELinux policies are now required for every subsystem and run in enforcing mode by default,
providing much more protection for Certificate System processes.
1.4. Improved UTF8 Support
The CA, OCSP, and DRM subsystems fully accept and interpret certificate requests generated using
UTF-8 characters, both in the console and in the agent services pages. This support is for specific
fields.
End users can submit certificate requests with UTF-8 characters in those fields and end users and
agents can search for and retrieve certificates and CRLs in the CA and retrieve keys in the DRM when
using those field values as the search parameters.
Four fields fully-support UTF-8 characters:
• Common name (used in the subject name of the certificate)
• Organizational unit (used in the subject name of the certificate)
• Requester name
• Additional notes (comments appended by the agent to the certificate)
NOTE
This support does not include supporting internationalized domain names, like in email
addresses.
1.5. Enhanced Support for Third-Party ECC Modules
Certificate System 8.0, although it does not ship with an ECC module, does support loading and using
third-party ECC PKCS#11 modules with the CA. The console can handle ECC-based SSL sessions,
and the server generates and supports ECC certificates.
Certificate Renewal
3
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Red Hat CERTIFICATE SYSTEM 8.0 - RELEASE NOTES
Related Products for Red Hat CERTIFICATE SYSTEM 8.0 - RELEASE NOTES
- Red Hat CERTIFICATE 7.2 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - RELEASE NOTES and is the answer not in the manual?
Questions and answers