See below the fixed bugs in the Certificate Manager version running on Cryptographic Security Platform 1.1.0.

Matching tags not sorted (ATEAM-18116)

When typing a tag name, the Authorized Tag field does not display a sorted list of the matching tags.

502 status code when selecting Preview CSV for a report (ATEAM-18121)

Certificate Hub can return a 502 status code when exporting a report to CSV. That is, when:

  1. Navigating to Report / Designer.
  2. Selecting the Design action for a report.
  3. Selecting Preview CSV in the menu bar. 

Workaround

  1. Log in to the machine hosting the appliance or the Kubernetes deployment.
  2. Run the following command to edit the acm-api configuration file. 
    sudo kubectl edit deployment/acm-api -n certhub
  3. Add -Xmx4g to the JAVA_OPTS setting. 
    env:
    - name: JAVA_OPTS
    value: -Xmx4g
  4. Run the following command to make the changes effective.
    sudo kubectl rollout restart deployment/acm-api -n certhub
  5. Run the following command to edit the scheduler configuration file. 
    run ssudo kubectl edit deployment/scheduler -n certhub
  6. Add -Xmx4g to the JAVA_OPTS setting. 
    env:
    - name: JAVA_OPTS
    value: -Xmx4g
  7. Run the following command to make the changes effective. 
    sudo kubectl rollout restart deployment/scheduler-n certhub

Missing keyboard accessibility options (ATEAM-18302)

The user cannot select a Destination using the keyboard accessibility options instead of the mouse.

Mandatory fields not validated (ATEAM-18315)

The generated public enrollment forms do not validate the mandatory fields.

No charts dislayed on widgets (ATEAM-18328)

The widgets of the Certificates page display the "NaN%" string instead of a chart.

Click >> Show Insights on the Certificates page to display the widgets.

Shared partitions not supported on path (ATEAM-18348)

Destinations of the F5-BIG-IP-Destination-Plugin type do not support shared partitions on the path. 

Certificate autorenewal cannot be disabled (ATEAM-18470)

When creating a certificate, the wizard does not display the renewal options if key_client_generated is set to true in the selected profile.

Multiple DNS in SAN not supported (ATEAM-18674)

When requesting a certificate using a public enrollment form, the SAN (Subject Alternative Names) field only supports one DNS value.

Authentication error in the user console (ATEAM-18726)

After deploying Certificate Manager, the user may be unable to log in to the user console due to an authentication error.

Manual upgrade required for supporting Sectigo CA (ATEAM-18790)

Certificate Hub 4.2.0 does not support requesting certificates from a CA Gateway 3.2.0  instance integrated with a Sectigo CA.

Workaround:

  1. Log in to https://trustedcare.entrust.com
  2. Download the solutions installers with .sln extension for:
    • Certificate Manager 4.2.1
    • CA Gateway 3.2.1
  3. Copy these files to any Cryptographic Security Platform node – for example, using an SFTP client.
  4. Run the clusterctl solution upload to upload the solution files.
  5. Run the clusterctl solution deploy command to deploy the new Certificate Manager and CA Gateway versions.

"Weak Hash Algorithm" filter requires resetting before generating a report (ATEAM-18804)

When using the Preview button to export the contents of the Weak Hash Algorithm system report, the generated report file includes more certificates than just those with a weak hash algorithm.

Workaround:

  1. Log in to the user console of Certificate Manager.
  2. Navigate to Report > Designer.
  3. On the report grid, click on Weak Hash Algorithm.
  4. Display the filter menu for the Signing Algorithm column.
  5. Click Clear to remove all the filter settings. 
  6. Click the Update button.
  7. Set again the initial filter configuration: 

    Starts with

    sha1

    Or

    Starts with

    md

  8. Click the Update button.
  9. Click Preview to confirm the generated report only includes certificates matching the filter.