The Dogtag team is proud to announce the first errata build for
The only packages that are being modified are dogtag-pki and pki-core,
both of which are being released as version 10.0.1.
A build is available for Fedora 18 in the updates-testing repo. Please
try it out and provide karma to move it to the F18 stable repo.
Daily developer builds for Fedora 17 and 18 are available at
== Build Versions ==
== Highlights since Dogtag v. 10.0.0 ==
* Nonces have been added to the RESTful interface for certificate
revocation to preventing cross site scripting attacks on that interface.
* A new servlet has been added to the RESTful interface to add and
remove KRA connector configuration from a CA. This is used to clean up
a CA when a KRA is destroyed.
* The default validity of the CA signing cert has been lengthened from 8
to 20 years.
* pkispawn has been modified to allow the user to specify the location
of the generated admin cert PKCS#12 file.
* OCSP now supports ECC CRLs.
* A more robust use of interpolation has been added to pkispawn.
* pkidaemon has been repaired to display the runtime status of PKI
* A third-party license file has been added for Dogtag 10's use of
JQuery and the JQuery.i18n.properties plug-in
== Detailed Changes since Dogtag v. 10.0.0 ==
- TRAC Ticket 367 - pkidestroy does not remove connector
- Fix spec file to allow f17 to work with latest tomcatjss
- TRAC Ticket 466 - Increase root CA validity to 20 years
- TRAC Ticket 437 - Make admin cert p12 file location configurable
- TRAC Ticket 393 - pkispawn fails when selinux is disabled
- Punctuation and formatting changes in man pages
- TRAC Ticket 436 - Interpolation for pki_subsystem
- TRAC Ticket 433 - Interpolation for paths
- TRAC Ticket 435 - Identical instance id and instance name
- TRAC Ticket 406 - Replace file dependencies with package dependencies
- Revert to using default config file for pkidestroy
- Hardcode setting of resteasy-lib for instance
- Bugzilla Bug 839426 - [RFE] ECC CRL support for OCSP
- TRAC Ticket 214 - Missing error description for duplicate user
- TRAC Ticket 213 - Add nonces for cert revocation
- TRAC Ticket 191 - Mapping HTTP Exceptions to HTTP error codes
- TRAC Ticket #430 - License for 3rd party code
- TRAC Ticket 469 - Fix tomcatjss issue in spec files
- TRAC Ticket 468 - pkispawn throws exception
- TRAC Ticket 271 - Dogtag 10: Fix 'status' command in 'pkidaemon'