Name: | pki-base-java |
Version: | 10.5.9 |
Release: | 10.el7_6 |
Architecture: | noarch |
Group: | System Environment/Base |
Size: | 1279883 |
License: | GPLv2 |
RPM: |
pki-base-java-10.5.9-10.el7_6.noarch.rpm
|
Source RPM: |
pki-core-10.5.9-10.el7_6.src.rpm
|
Build Date: | Thu Jan 31 2019 |
Build Host: | x86-ol7-builder-01.us.oracle.com |
Vendor: | Oracle America |
URL: | http://pki.fedoraproject.org/ |
Summary: | Certificate System - Java Framework |
Description: | The PKI Framework contains the common and client libraries and utilities
written in Java. This package is a part of the PKI Core used by the
Certificate System.
This package is a part of the PKI Core used by the Certificate System.
==================================
|| ABOUT "CERTIFICATE SYSTEM" ||
==================================
Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.
PKI Core contains ALL top-level java-based Tomcat PKI components:
* pki-symkey
* pki-base
* pki-base-python2 (alias for pki-base)
* pki-base-python3
* pki-base-java
* pki-tools
* pki-server
* pki-ca
* pki-kra
* pki-ocsp
* pki-tks
* pki-tps
* pki-javadoc
which comprise the following corresponding PKI subsystems:
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)
Python clients need only install the pki-base package. This
package contains the python REST client packages and the client
upgrade framework.
Java clients should install the pki-base-java package. This package
contains the legacy and REST Java client packages. These clients
should also consider installing the pki-tools package, which contain
native and Java-based PKI tools and utilities.
Certificate Server instances require the fundamental classes and
modules in pki-base and pki-base-java, as well as the utilities in
pki-tools. The main server classes are in pki-server, with subsystem
specific Java classes and resources in pki-ca, pki-kra, pki-ocsp etc.
Finally, if Certificate System is being deployed as an individual or
set of standalone rather than embedded server(s)/service(s), it is
strongly recommended (though not explicitly required) to include at
least one PKI Theme package:
* dogtag-pki-theme (Dogtag Certificate System deployments)
* dogtag-pki-server-theme
* redhat-pki-server-theme (Red Hat Certificate System deployments)
* redhat-pki-server-theme
* customized pki theme (Customized Certificate System deployments)
* <customized>-pki-server-theme
NOTE: As a convenience for standalone deployments, top-level meta
packages may be provided which bind a particular theme to
these certificate server packages. |
-
Mon Dec 17 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-10
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1659939 - CC: Simplifying Web UI session timeout
configuration [rhel-7.6.z] (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA,
- # Added Batch Update Information to Product Version (mharmsen)
-
Mon Dec 10 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-9
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1657922 - CC: CA/OCSP startup fail on SystemCertsVerification
if enableOCSP is true [rhel-7.6.z] (jmagne)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA,
-
Wed Dec 05 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-8
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1645262 - pkidestroy may not remove all files [rhel-7.6.z]
(dmoluguw)
- Bugzilla Bug #1645263 - Auth plugins leave passwords in the access
log and audit log using REST [rhel-7.6.z] (dmoluguw)
- Bugzilla Bug #1645429 - pkispawn fails due to name collision with
/var/log/pki/<instance> [rhel-7.6.z] (dmoluguw)
- Bugzilla Bug #1655951 - CC: tools supporting CMC requests output
keyID needs to be captured in file [rhel-7.6.z] (cfu)
- Bugzilla Bug #1656297 - Unable to install with admin-generated keys
[rhel-7.6.z] (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA,
-
Mon Oct 29 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-7
- Require "tomcatjss >= 7.2.1-8" as a build and runtime requirement
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1632116 - CC: missing audit event for CS acting as
TLS client [rhel-7.6.z] (cfu)
- Bugzilla Bug #1632120 - Unsupported RSA_ ciphers should be
removed from the default ciphers list [rhel-7.6.z] (cfu)
- Bugzilla Bug #1632615 - Permit certain SHA384 FIPS ciphers to be
enabled by default for RSA and ECC . . . [rhel-7.6.z] (cfu)
- Bugzilla Bug #1632616 - X500Name.directoryStringEncodingOrder
overridden by CSR encoding (coverity changes) [rhel-7.6.z] (mharmsen)
- Bugzilla Bug #1633104 - CMC: add config to allow non-clientAuth
[rhel-7.6.z] (cfu)
- Bugzilla Bug #1636490 - Installation of CA using an existing CA fails
[rhel-7.6.z] (edewata)
- Bugzilla Bug #1643878 - pki cli command for RHCS doesn't prompt for
a password [rhel-7.6.z] (edewata)
- Bugzilla Bug #1643879 - CC: Identify version/release of pki-ca, pki-kra,
pki-ocsp, pki-tks, and pki-tps remotely [RHEL] [rhel-7.6.z] (cfu, jmagne)
- Bugzilla Bug #1643880 - PKI subsystem process is not shutdown when
there is no space on the disk to write logs [rhel-7.6.z] (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1639836 - CC: Identify RHCS version of CA, KRA,
-
Tue Aug 21 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-6
- Updated nuxwdog dependencies
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #673182 - ECC keys not supported for signing
audit logs (cfu)
- Bugzilla Bug #1593805 - Better understanding of
NSS_USE_DECODED_CKA_EC_POINT for ECC (cfu)
- Bugzilla Bug #1601071 - Certificate generation happens with
partial attributes in CMCRequest file (cfu)
- Bugzilla Bug #1601569 - CC: Enable all config audit events
(cfu)
- Bugzilla Bug #1608375 - CMC Revocations throws exception
with same reqIssuer & certissuer (cfu)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1557570 - Re-base pki-core from 10.5.1 to
-
Thu Aug 09 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-5
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1596629 - ipa-replica-install --setup-kra broken on DL0
with latest version (abokovoy)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1557570 - Re-base pki-core from 10.5.1 to
-
Tue Jul 31 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-4
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1548203 - pki console configurations that involves ldap
passwords leave the plain text password in signed audit logs (cfu)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1494591 - keyGen fails when only Identity
-
Mon Jul 23 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-3
- Re-spin alpha builds
-
Thu Jul 05 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-2
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1471935 - X500Name.directoryStringEncodingOrder overridden
by CSR encoding (cfu)
- Bugzilla Bug #1538311 - Using a Netmask produces an odd entry in a
certificate (ftweedal)
- Bugzilla Bug #1540440 - CMC: Audit Events needed for failures in
SharedToken scenario's (cfu)
- Bugzilla Bug #1550742 - Address ECC profile overrides (cfu)
- Bugzilla Bug #1562841 - servlet profileSubmitCMCSimple throws NPE (cfu)
- Bugzilla Bug #1572432 - AuditVerify failure due to line breaks (cfu)
- Bugzilla Bug #1592961 - Need proper default subjectDN for CMC request
authenticated through SharedToken (cfu)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1557570 - Re-base pki-core from 10.5.1 to
-
Mon Jun 11 2018 Dogtag Team <pki-devel@redhat.com> 10.5.9-1
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1538311 - Using a Netmask produces an odd
entry in a certifcate (ftweedal)
- Bugzilla Bug #1544843 - ExternalCA: Installation failed during
csr generation with ecc (rrelyea, gkapoor)
- Bugzilla Bug #1557569 - Re-base pki-core from 10.5.1 to latest
upstream 10.5.x (RHEL) (mharmsen)
- Bugzilla Bug #1580394 - CMC CRMF requests result in
InvalidKeyFormatException when signing algorithm is ECC (cfu)
- Bugzilla Bug #1580527 - CVE-2018-1080 pki-core: Mishandled
ACL configuration in AAclAuthz.java reverses rules that allow
and deny access (ftweedal, cfu)
- Bugzilla Bug #1585866 - CRMFPopClient tool - should allow
option to do no key archival (cfu)
- Bugzilla Bug #1588655 - Cert validation for installation with
external CA cert (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1557570 - Re-base pki-core from 10.5.1 to