| Name: | pki-base |
|---|
| Version: | 10.3.3 |
|---|
| Release: | 10.el7 |
|---|
| Architecture: | noarch |
|---|
| Group: | System Environment/Base |
|---|
| Size: | 1918242 |
|---|
| License: | GPLv2 |
|---|
| RPM: |
pki-base-10.3.3-10.el7.noarch.rpm
|
| Source RPM: |
pki-core-10.3.3-10.el7.src.rpm
|
| Build Date: | Fri Nov 04 2016 |
|---|
| Build Host: | x86-ol7-builder-02.us.oracle.com |
|---|
| Vendor: | Oracle America |
|---|
| URL: | http://pki.fedoraproject.org/ |
|---|
| Summary: | Certificate System - PKI Framework |
|---|
| Description: | The PKI Framework contains the common and client libraries and utilities
written in Python. This package is a part of the PKI Core used by the
Certificate System.
==================================
|| ABOUT "CERTIFICATE SYSTEM" ||
==================================
Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.
PKI Core contains ALL top-level java-based Tomcat PKI components:
* pki-symkey
* pki-base
* pki-base-python2 (alias for pki-base)
* pki-base-python3
* pki-base-java
* pki-tools
* pki-server
* pki-ca
* pki-kra
* pki-ocsp
* pki-tks
* pki-tps
* pki-javadoc
which comprise the following corresponding PKI subsystems:
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)
Python clients need only install the pki-base package. This
package contains the python REST client packages and the client
upgrade framework.
Java clients should install the pki-base-java package. This package
contains the legacy and REST Java client packages. These clients
should also consider installing the pki-tools package, which contain
native and Java-based PKI tools and utilities.
Certificate Server instances require the fundamental classes and
modules in pki-base and pki-base-java, as well as the utilities in
pki-tools. The main server classes are in pki-server, with subsystem
specific Java classes and resources in pki-ca, pki-kra, pki-ocsp etc.
Finally, if Certificate System is being deployed as an individual or
set of standalone rather than embedded server(s)/service(s), it is
strongly recommended (though not explicitly required) to include at
least one PKI Theme package:
* dogtag-pki-theme (Dogtag Certificate System deployments)
* dogtag-pki-server-theme
* redhat-pki-server-theme (Red Hat Certificate System deployments)
* redhat-pki-server-theme
* customized pki theme (Customized Certificate System deployments)
* <customized>-pki-server-theme
NOTE: As a convenience for standalone deployments, top-level meta
packages may be provided which bind a particular theme to
these certificate server packages. |
|---|
-
Fri Sep 09 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-10
- Revert Patch: PKI TRAC Ticket #2449 - Unable to create system certificates
in different tokens (edewata)
- Removes from Errata: rhbz #1372041 - Unable to create system certificates
in different tokens
-
Tue Sep 06 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-9
- PKI TRAC Ticket #1638 - Lightweight CAs: revoke certificate on CA deletion
(ftweedal)
- PKI TRAC Ticket #2436 - Dogtag 10.3.6: Miscellaneous Enhancements
(edewata)
- PKI TRAC Ticket #2443 - Prevent deletion of host CA's keys if LWCA entry
deleted (ftweedal)
- PKI TRAC Ticket #2444 - Authority entry without entryUSN is skipped even if
USN plugin enabled (ftweedal)
- PKI TRAC Ticket #2446 - pkispawn: make subject_dn defaults unique per
instance name (for shared HSM) (cfu)
- PKI TRAC Ticket #2447 - CertRequestInfo has incorrect URLs (vakwetu)
- PKI TRAC Ticket #2449 - Unable to create system certificates in different
tokens (edewata)
-
Mon Aug 29 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-8
- PKI TRAC Ticket #1578 - Authentication Instance Id PinDirEnrollment with authType value as SslclientAuth is not working (jmagne)
- PKI TRAC TIcket #2414 - pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided (gkapoor)
- PKI TRAC Ticket #2423 - pki_ca_signing_token when not specified does not fallback to pki_token_name value (edewata)
- PKI TRAC Ticket #2436 - Dogtag 10.3.6: Miscellaneous Enhancements (akasurde) - ticket remains open
- PKI TRAC Ticket #2439 - Outdated deployment descriptors in upgraded server(edewata)
-
Tue Aug 23 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-7
- PKI TRAC Ticket #690 - [MAN] pki-tools man pages (mharmsen)
- CMCEnroll
- PKI TRAC Ticket #833 - pki user-mod fullName="" gives an error message
"PKIException: LDAP error (21): error result" (edewata)
- PKI TRAC Ticket #2431 - Errors noticed during ipa server upgrade.
(cheimes, edewata, mharmsen)
- PKI TRAC Ticket #2432 - Kra-selftest behavior is not as expected (edewata)
- PKI TRAC Ticket #2436 - Dogtag 10.3.6: Miscellaneous Enhancements
(edewata, mharmsen)
- PKI TRAC Ticket #2437 - TPS UI: while adding certs for users from TPSUI pem
format with/without header works while pkcs7 with header is not allowed
(edewata)
- PKI TRAC Ticket #2440 - Optional CA signing CSR for migration (edewata)
-
Mon Aug 15 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-6
- Bugzilla Bug #1366465 - Errata TPS upgrade test fails
-
Mon Aug 08 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-5
- PKI TRAC Ticket #978 - TPS connector man page: add revocation routing
info (cfu)
- PKI TRAC Ticket #1285 - [MAN] Apply 'generateCRMFRequest() removed from
Firefox' workarounds to appropriate 'pki' man page (jmagne)
- PKI TRAC Ticket #2246 - [MAN] Man Page: AuditVerify (cfu)
- PKI TRAC Ticket #2381 - Throws exception while providing invalid module.
(edewata)
- PKI TRAC Ticket #2383 - CLI :: pki client-cert-request --extractable
should accept only boolean value (edewata)
- PKI TRAC Ticket #2389 - Installation: subsystem certs could have notAfter
beyond CA signing cert in case of external or existing CA (cfu)
- PKI TRAC Ticket #2399 - Dogtag 10.3.5: Miscellaneous Enhancements
(akasurde, alee, cheimes, edewata, jmagne, mharmsen)
- PKI TRAC Ticket #2401 - pkispawn calls dnsdomainname even if it does not
rpm-require hostname (mharmsen)
- PKI TRAC Ticket #2402 - Conflict in file ownership in pki-base and
pki-server (cheimes)
- PKI TRAC Ticket #2403 - Deployment problem with RESTEasy 3.0.17 (edewata)
- PKI TRAC Ticket #2406 - Make starting CRL Number configurable (jmagne)
- PKI TRAC Ticket #2412 - pki client-cert-import --trust option does not
apply the specified trust bits (alee)
- PKI TRAC Ticket #2418 - [TPS] Some template substitution didn't happen
during installation (alee)
- PKI TRAC Ticket #2420 - CA subsystem OSCP responder fails when LWCAs are
not used (ftweedal)
- PKI TRAC Ticket #2421 - Incorrect SELinux contexts
Installation/Configuration (edewata)
- PKI TRAC Ticket #2424 - ipa-ca-install fails on replica when IPA server
is converted from CA-less to CA-full (edewata)
- PKI TRAC Ticket #2428 - broken request links for CA's system certs in
agent request viewing (cfu)
- PKI TRAC Ticket #2430 - CA Agent certificate list is not sorted by serial
number in migration case (jmagne)
- PKI TRAC Ticket #2431 - Errors noticed during ipa server upgrade.
(mharmsen)
- PKI TRAC Ticket #2433 - Lightweight CA GET <id>/chain returns bogus PEM
data (ftweedal)
-
Tue Jul 05 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-3
- PKI TRAC Ticket #691 - [MAN] pki-server man pages (mharmsen)
- PKI TRAC Ticket #1114 - [MAN] Generting Symmetric key fails with
key-generate when --usages verify is passed (jmagne)
- PKI TRAC Ticket #1306 - [RFE] Add granularity to token termination in TPS
(cfu)
- PKI TRAC Ticket #1308 - [RFE] Provide ability to perform off-card key
generation for non-encryption token keys (cfu)
- PKI TRAC Ticket #1405 - [MAN] Add additional HSM details to
'pki_default.cfg' & 'pkispawn' man pages (mharmsen)
- PKI TRAC Ticket #1607 - [MAN] man pkispawn has inadequate description for
shared vs non shared tomcat instance installation (mharmsen)
- PKI TRAC Ticket #1664 - [BUG] Add ability to disallow TPS to enroll a single
user on multiple tokens. (jmagne)
- PKI TRAC Ticket #1711 - CLI :: pki-server ca-cert-request-find throws
IOError (edewata, ftweedal)
- PKI TRAC Ticket #2285 - freeipa fails to start correctly after pki-core
update on upgraded system (ftweedal)
- PKI TRAC Ticket #2311 - When pki_token_name=Internal, consider normalizing
it to "internal" (mharmsen)
- PKI TRAC Ticket #2349 - Separated TPS does not automatically receive shared
secret from remote TKS (jmagne)
- PKI TRAC Ticket #2364 - CLI :: pki-server ca-cert-request-show throws
attribute error (ftweedal)
- PKI TRAC Ticket #2368 - pki-server subsystem subcommands throws error with
--help option (edewata)
- PKI TRAC Ticket #2374 - KRA cloning overwrites CA signing certificate trust
flags (edewata)
- PKI TRAC Ticket #2380 - Pki-server instance commands throws exception while
specifying invalid parameters. (edewata)
- PKI TRAC Ticket #2384 - CA installation with HSM prompts for HSM password
during silent installation (edewata)
- PKI TRAC Ticket #2385 - Upgraded CA lacks ca.sslserver.certreq in CS.cfg
(ftweedal)
- PKI TRAC Ticket #2387 - Add config for default OCSP URI if none given
(ftweedal)
- PKI TRAC Ticket #2388 - CA creation responds 500 if certificate issuance
fails (ftweedal)
- PKI TRAC Ticket #2389 - Installation: subsystem certs could have notAfter
beyond CA signing cert in case of external or existing CA (cfu)
- PKI TRAC Ticket #2390 - Dogtag 10.3.4: Miscellaneous Enhancements
(akasurde, edewata)
-
Thu Jun 30 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-2
- PKI TRAC Ticket #2373 - Fedora 25: RestEasy 3.0.6 ==> 3.0.17 breaks
pki-core (ftweedal)
-
Mon Jun 20 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-1
- Updated release number to 10.3.3-1
-
Tue Jun 07 2016 Dogtag Team <pki-devel@redhat.com> 10.3.3-0.1
- Updated version number to 10.3.3-0.1