The Dogtag team is proud to announce the sixth errata build for Dogtag 10.0. Builds are available for Fedora 18 and Fedora 19 in the updates-testing repositories. Please try them out and provide karma to move them to the F18 and F19 stable repositories. Karma can be provided at https://admin.fedoraproject.org/updates for each package. == Build Versions == pki-core-10.0.6-1 pki-ra-10.0.6-1 pki-tps-10.0.6-1 dogtag-pki-10.0.6-1 dogtag-pki-theme-10.0.6-1 pki-console-10.0.6-1 == Highlights since Dogtag 10.0.5 == * Some commands in the pki CLI have been renamed for better consistency. The old commands will continue to work, but they have no been deprecated, and will be displayed accordingly in the usage and man pages. The commands that have been renamed are: * old command -> new command * client-find-cert -> client-cert-find * client-import-cert -> client-cert-import * client-remove-cert -> client-cert-del * group-add-member -> group-member-add * group-find-member -> group-member-find * group-show-member -> group-member-show * group-remove-member -> group-member-remove * user-add-cert -> user-cert-add * user-find-cert -> user-cert-find * user-show-cert -> user-cert-show * user-remove-cert -> user-cert-del * user-add-membership -> user-membership-add * user-find-membership -> user-membership-find * user-show-membership -> user-membership-show * user-remove-membership -> user-membership-del * The upgrade scripts have been modified to backup the files used to track the upgrade process. For instance specific upgrade scripts, this is CS.cfg. * A missing jar link to apache-commons-io prevented IPA replica installs from completing successfully on RHEL 7. The required link has been added. (BZ 1024679) * Due to a bug in the configuration code, when installing a non-cloned CA, the certificate for the admin user configured during the install was signed with SHA1 by default. With the fix, the admin cert is signed with SHA256 by default. It is possible to override this setting by changing values in the caAdminCert.cfg profile prior to configuration. (BZ 1024445) * ipa-cert-remove-hold <non_existent_cert_id> used to return a server error. The error handling code for this servlet has been modified to return the correct error message (BZ 999722) * java-abrt crashes were being generated during IPA server installs due to exceptions being thrown during tomcat shutdown. This was due to the shutdown code being called multiple times internally. This code has been fixed. (BZ 1018268) == Detailed Changes since Dogtag 10.0.5 == alee (3): #743 fix tmpfiles.d references in spec files to reference /run/lock instead of /var/lock #776 IPA CA replica installation crashes on pkispawn (bz 1024679) #781 Admin cert signed with SHA1, should be SHA256 (bz 1024445) edewata(5): #779 Renaming Dogtag 10.0 pki commands #763 Backup tracker files during upgrade #775 Fix errors during tomcat shutdown (BZ 1018628) #739 ipa-cert-remove-hold <non_existent_cert_id> returns server error (BZ 999722) #780 Unable to get user principal in servlet