Name: | pki-kra |
---|---|
Version: | 10.9.4 |
Release: | 3.0.1.module+el8.3.0+el8+9692+a35cea4e |
Architecture: | noarch |
Module: | pki-core:10.6:8030020210315205745:e0223e2d |
Group: | Unspecified |
Size: | 540740 |
License: | GPLv2 and LGPLv2 |
RPM: | pki-kra-10.9.4-3.0.1.module+el8.3.0+el8+9692+a35cea4e.noarch.rpm |
Source RPM: | pki-core-10.9.4-3.0.1.module+el8.3.0+el8+9692+a35cea4e.src.rpm |
Build Date: | Tue Mar 23 2021 |
Build Host: | host-100-100-224-45.blddevtest1iad.osdevelopmeniad.oraclevcn.com |
Vendor: | Oracle America |
URL: | http://www.dogtagpki.org/ |
Summary: | PKI KRA Package |
Description: | The Key Recovery Authority (KRA) is an optional PKI subsystem that can act as a key archival facility. When configured in conjunction with the Certificate Authority (CA), the KRA stores private encryption keys as part of the certificate enrollment process. The key archival mechanism is triggered when a user enrolls in the PKI and creates the certificate request. Using the Certificate Request Message Format (CRMF) request format, a request is generated for the user's private encryption key. This key is then stored in the KRA which is configured to store keys in an encrypted format that can only be decrypted by several agents requesting the key at one time, providing for protection of the public encryption keys for the users in the PKI deployment. Note that the KRA archives encryption keys; it does NOT archive signing keys, since such archival would undermine non-repudiation properties of signing keys. |
- Remove redhat reference.
- Bug # 1933146 - PKI instance creation failed with new 389-ds-base build
- CVE-2021-20179: Fix unprivileged users can renew any certificate
- Rebased to PKI 10.9.4 - Red Hat Bugzilla #1873235 - Fix SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT in pki ca-user-cert-add
- Rebased to PKI 10.9.3 - Bug #1869893 - Common certificates are missing in CS.cfg on shared PKI instance
- Bug #1871064 - Replica install failing during pki-ca component configuration
- Rebased to PKI 10.9.2
- Bug #1857933 - CA Installation is failing with ncipher v12.30 HSM - Bug #1868233 - Disabling AIA and cert policy extensions in ACME examples
- Rebased to PKI 10.9.1 - Bug #1426572 - Fix Secure connection issue when server is down
- Rebased to PKI 10.9.0