Este conteúdo não está disponível no idioma selecionado.

7.21. certmonger


Updated certmonger packages that fix two bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The certmonger service monitors certificates, warns of their impending expiration, and optionally attempts to renew certificates by enrolling the system with a certificate authority (CA).

Bug Fixes

BZ#1163023
Prior to this update, after the user upgraded from Red Hat Enterprise Linux 6.5 to Red Hat Enterprise Linux 6.6 and rebooted the system, certmonger in some cases erroneously exited shortly after starting or performed a series of unnecessary checks for new certificates. A patch has been applied to fix this bug, and these problems no longer occur in the described situation.
BZ#1178190
Previously, the "getcert list" command did not display the "pre-save command" and "post-save command" values. As a consequence, running "getcert list" could return incomplete results. With this update, the problem has been fixed, and running "getcert list" displays the "pre-save command" and "post-save command" values as expected.

Enhancements

BZ#1161768
The certmonger service now supports the Simple Certificate Enrollment Protocol (SCEP). For obtaining certificates from servers, the user can now offer enrollment over SCEP.
BZ#1169806
Requesting a certificate using the getcert utility during an IdM client kickstart enrollment no longer requires certmonger to be running. Previously, an attempt to do this failed because certmonger was not running. With this update, getcert can successfully request a certificate in the described situation, on the condition that the D-Bus daemon is not running. Note that certmonger requires a system reboot to start monitoring the certificate obtained in this way.
BZ#1222595
Previously, after the user ran the "getcert list" command, the output included the PIN value if it was set for the certificate. Consequently, the user could unintentionally expose the PIN, for example by publicly sharing the output of the command. With this update, the "getcert list" output only contains a note that a PIN is set for the certificate. As a result, the PIN value itself is no longer displayed in the "getcert list" output.
Users of certmonger are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
Red Hat logoGithubRedditYoutubeTwitter

Aprender

Experimente, compre e venda

Comunidades

Sobre a documentação da Red Hat

Ajudamos os usuários da Red Hat a inovar e atingir seus objetivos com nossos produtos e serviços com conteúdo em que podem confiar.

Tornando o open source mais inclusivo

A Red Hat está comprometida em substituir a linguagem problemática em nosso código, documentação e propriedades da web. Para mais detalhes veja oBlog da Red Hat.

Sobre a Red Hat

Fornecemos soluções robustas que facilitam o trabalho das empresas em plataformas e ambientes, desde o data center principal até a borda da rede.

© 2024 Red Hat, Inc.