이 콘텐츠는 선택한 언어로 제공되지 않습니다.

4.25. certmonger


An updated certmonger package that fixes multiple bugs is now available for Red Hat Enterprise Linux 6.
The certmonger service monitors certificates as the date at which they become invalid approaches, optionally attempting to re-enroll with a supported certificate authority (CA) to keep the services which use the certificates running without incident.

Bug Fixes

BZ#692766
Previously, the certmonger service could access a Network Security Services (NSS) database without a password, despite being configured to use a password to access that database. This behavior was not recognized as an error. This update correctly diagnoses this inconsistency as an error.
BZ#694184
Previously, if the certmonger service could not generate a key pair in an NSS database because it did not have the password that was required for accessing the database, the certmonger service did not recover when it was subsequently given the correct password. This update handles this case correctly.
BZ#697058
Previously, the certmonger service did not correctly diagnose a missing token if the name of the token to use was specified when the service was instructed to generate a key pair for storage in an NSS database. This update corrects this error.
BZ#712500
Previously, the certmonger service encountered an assertion failure if the D-Bus message bus service was not already running when certmonger was started. This update modifies the certmonger service so that no more assertion problems occur in such a situation.
BZ#721392
Previously, when the getcert command needed to report an error message which it received from the certmonger service, it exited unexpectedly due to a logic error. This update corrects the logic so that the error message is correctly reported.
BZ#727863
Previously, the certmonger service was not fully compatible with newer versions of the xmlrpc-c and libcurl packages. As a result, credentials could not be delegated when using GSSAPI authentication with a CA that was accessed via XML-RPC. This update includes the necessary changes to continue to be able to delegate credentials when using GSSAPI authentication with a CA that is accessed using XML-RPC, such as IPA.
BZ#699059, BZ#739903
Previously, when the getcert request command was given a location for key or certificate storage using a relative path, and the location did not exist, the error was only reported after multiple warnings during which the command attempted to convert the relative path to an absolute path. This update suppresses these warnings.
BZ#741262
Previously, an incorrect error message was displayed if the getcert resubmit command was invoked with the -i flag to specify which request should be resubmitted to a CA but no request that matched the provided value was present. This update displays the correct error message.
BZ#742348
Due to a logic error, attempts to save a newly-obtained certificate to an NSS database could fail intermittently. This update corrects the error.

Enhancements

BZ#698772
Previously, the getcert list command only printed information about every certificate and enrollment request being managed by certmonger, and there was no way to narrow down the results. This update includes an updated version of the command which can narrow the result set if the invoking user provides information about the location of the certificate or key in which the user is interested
BZ#750617
This update now includes an HTTP "Referer:" header value when submitting requests to CAs which are accessed using XML-RPC, as is expected to be required by future releases of the IPA CA
All users of the certmonger service are advised to upgrade to this updated package, which fixes these bugs and adds these enhancements.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.