Reflection PKI Services Manager 1.3 Service Pack 1 New Features and Release Notes

  • 7021881
  • 06-Jan-2015
  • 01-Apr-2018

Environment

Reflection PKI Services Manager version 1.3 Service Pack 1

Situation

Reflection PKI Services Manager is a service that provides certificate validation services for many Attachmate products. This technical note outlines the features available in the Reflection PKI Services Manager 1.3 Service Pack 1 (SP1) released January 2015, as well as product release notes.

Resolution

Note:

  • For a list of products that include Reflection PKI Services Manager, see KB 7021880.
  • For information about platforms Reflection PKI Services Manager is supported on, see KB 7021871.

Java and PKI Services Manager

PKI Services Manager installs its own Java Runtime Environment (JRE) and uses this installed JRE by default. It is also possible to configure PKI Services Manager to use a different JRE. Beginning with version 1.2.2 and higher, the JRE you configure must be Java version 7 (1.7.0_nn).

  • On Linux, Solaris and Windows platforms, the installed Java Runtime Environment (JRE) has been updated to Oracle Java Platform Standard Edition 7 Update 71.
  • On AIX, the installed Java Runtime Environment (JRE) has been updated from IBM Runtime Environment Java Technology Edition Version 5 to Version 7 R1 SR2.

New Features

  • Support for Microsoft Windows Server 2012 R2 has been added.
  • Linux Standard Based (LSB) tags have been added to the PKI Services Manager init scripts.

Security Updates

  • The default pseudo-random number generator (PRNG) has been updated to use HMACDRBG256.

For current information about security alerts and advisories that may affect PKI Services Manager, see Security Alerts - Reflection PKI Services Manager.

Resolved Issues

  • The User Guide describing the location of the PKID script to start and stop PKI Services Manager on AIX has been corrected.
  • Loading a large certificate revocation list (CRL) file from the local store no longer causes an "Error: Socket closed."

Known Issue

When PKI Services Manager 1.3 SP1 tries to test a certificate from the PKI Services Manager Console using a Certificate Revocation List (CRL) file in the Local Store, it will fail to load the CRL file and display a “CRL not found” error. This issue only occurs in the PKI Services Manager Console UI and does not prevent PKI Services Manager from properly performing revocation checking.

Certificates can be tested using the pki-client Command Line Utility by running the following:

java –jar pki-client.jar validate <options>

Obtaining Your Add-on Component

The directions for obtaining the Reflection PKI Services Manager add-on vary depending on the type of customer: maintained or new customers, or evaluating customers.

Note: You can install or upgrade the PKI Services Manager component without changing your installed Attachmate product version.

Maintained or New Customers

Maintained customers are eligible to download the latest product release from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/.

New Volume Purchase Account customers can use link(s) in the email message sent to the order "ship to" contact to download PKI Services Manager files.

The PKI Services Manager file downloads for various platforms are listed in the Download Library on your product's download page under the heading, "Supplemental File – Utility or Add-On," which appears below the "Current Product Release" and "Service Pack or Patch" headings. You will be prompted to login and accept the Software License Agreement before you can select and download the PKI Services Manager file. For more information on using the Download Library web site, see KB 7021965.

Evaluating Customers

The latest product release is available to evaluate by contacting Technical Support, https://support.microfocus.com/contact/.

Supported Platforms

For information about Reflection PKI Services Manager supported platforms, see KB 7021871.

Installing Reflection PKI Services Manager

Reflection PKI Services Manager version 1.3 SP1 is a full product installation and does not require a previous version to be installed. Installation instructions vary depending on platform. For detailed installation instructions on a Windows or UNIX platform, see the PKI Services Manager 1.3 SP1 User Guide available from the documentation page: https://support.microfocus.com/manuals/pki.html.

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 2762.