[ol8_appstream] pki-kra-10.11.2-2.0.1.module+el8.5.0+20411+8eb38ccc.noarch

Name:	pki-kra
Version:	10.11.2
Release:	2.0.1.module+el8.5.0+20411+8eb38ccc
Architecture:	noarch
Module:	pki-core:10.6:8050020210924095114:01d2cef5
Group:	Unspecified
Size:	632146
License:	GPLv2 and LGPLv2
RPM:	pki-kra-10.11.2-2.0.1.module+el8.5.0+20411+8eb38ccc.noarch.rpm
Source RPM:	pki-core-10.11.2-2.0.1.module+el8.5.0+20411+8eb38ccc.src.rpm
Build Date:	Wed Nov 10 2021
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://www.dogtagpki.org
Summary:	PKI KRA Package
Description:	The Key Recovery Authority (KRA) is an optional PKI subsystem that can act as a key archival facility. When configured in conjunction with the Certificate Authority (CA), the KRA stores private encryption keys as part of the certificate enrollment process. The key archival mechanism is triggered when a user enrolls in the PKI and creates the certificate request. Using the Certificate Request Message Format (CRMF) request format, a request is generated for the user's private encryption key. This key is then stored in the KRA which is configured to store keys in an encrypted format that can only be decrypted by several agents requesting the key at one time, providing for protection of the public encryption keys for the users in the PKI deployment. Note that the KRA archives encryption keys; it does NOT archive signing keys, since such archival would undermine non-repudiation properties of signing keys.

Changelog (Show File list) (Show related packages)

Wed Nov 10 2021 EL Errata <el-errata_ww@oracle.com> - 10.11.2-2.0.1
```
- Remove upstream reference.
```
Fri Sep 24 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.2-2
```
- Bug 2001576 - pki instance creation fails for IPA in FIPS mode
```
Fri Sep 17 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.2-1
```
- Rebase to PKI 10.11.2
```

Thu Aug 12 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-2

- Bug 1992337 - Double issuance of non-CA subsystem certs at installation

Mon Jul 26 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-1
```
- Rebase to PKI 10.11.0
```
Mon Jun 14 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-0.3
```
- Rebase to PKI 10.11.0-alpha3
```
Thu Jun 03 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-0.2
```
- Fix JAVA_HOME
```
Wed Jun 02 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-0.1
```
- Rebase to PKI 10.11.0-alpha2
```

Mon Feb 08 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.10.4-1

- Rebase to PKI 10.10.4
- Bug 1664435 - Error instantiating class for challenge_password with SCEP request
- Bug 1912418 - OCSP and TKS cloning failed due to duplicate replica ID
- Bug 1916686 - Memory leak during ACME performance test
- Bug 1919282 - ACME cert enrollment failed with HTTP 500

Thu Jan 14 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.10.3-1

- Rebase to PKI 10.10.3
- Bug 1584550 - CRMFPopClient: unexpected behavior with -y option when values are specified
- Bug 1590942 - CMCResponse treats -d as optional
- Bug 1890639 - Two-step installation with external certificates fails on HSM configured system
- Bug 1912493 - pkispawn reports incorrect FIPS mode