Installation guide

ManualsBrandsRed Hat ManualsConsumer electronicsCERTIFICATE 8.0 RELEASE NOTES

456701 The default signing algorithm used by the CA cannot be

successfully changed in the CA configuration or when

setting up the CA. T he default is hard-coded to

MD5withRSA.

453051

483359

When trying to renew a subsystem certificate using the

certificate wizard tool in the Java console

(pkiconsole), the certificate renewal fails and the

console throws a Java exception, such as

UNKNOWNEXCEPTION-java.util.

MissingRessourceException: Can't find resource for

bundle com.netscape.admin.

certsrv.CMSAdminResources, key

UNKNOWNEXCEPTION.

The console relied on the old policy framework to renew

certificates, but the policy framework was replaced by a

new profile framework in Certificate System 7.2.

Therefore, the renewal feature in the console is broken.

This is related to bug 499014.

Use the certificate wizard in

the console to generate new

certificates for the subsystem.

Alternatively, use the CA's web

services forms to renew the

certificate or create a new

renewal profile for the

subsystem certificates.

454559 Attempting to connect to the Online Certificate Status

Manager using wget or HT TP POST to send OCSP

requests times out.

Use the OCSPClient tool to

send status requests.

476096

489558

Due to a security concern, the Red Hat Directory Server

Perl files on Sun Solaris platforms were moved from

/opt/perl5x to

/usr/lib/sparcv9/dirsec/perl5x. However,

some Perl utilities includes with Certificate System are

hard-coded to reference /opt/perl5x. This move can

cause problems if users running Red Hat Certificate

System upgrade their local Directory Server to Red Hat

Directory Server 8.0 on the same machine.

Create symlinks to the new

Perl directory.

ln -s

/usr/lib/sparcv9/dirsrv/perl5x

/opt/perl5x

491438 If the TPS server is unavailable, then the Enterprise

Security Client opens a blank screen in security officer

mode rather than returning an error message that the

server is unreachable.

If a blank screen appears

when opening the Enterprise

Security Client in security

officer mode, try restarting the

TPS server, and then

restarting the Enterprise

Security Client.

498299 The tokendb.allowedTransitions parameter in the

TPS configuration sets the revocation states that a

token can be assigned. For example, a token can go

from a valid state to a permanently lost state.

The tokendb.allowedTransitions parameter can be

set to allow a transition from a state where the

certificates are permanently revoked back to the active

state. However, the TPS will not allow a token to go from

a permanently revoked state back to active. Even

though those operations appear to complete

successfully, the certificates on that token are still

revoked.

Red Hat Certificate System 8.0 Red Hat Certificate System 8.0