Back to resources

December 9, 2015

NewsEJBCA Hardware Appliance

PKI Appliance 2.4.0

PKI Appliance

The PrimeKey Appliance team is proud to announce the release of PKI Appliance 2.4.0.

This is a feature release which introduces several new functionalities and improvements and restructures the appliance portfolio by introducing new models. From this release on PrimeKey will offer the PKI Appliance in three different models (S, M, L) addressing different needs depending on the use cases.

PKI Appliance 2.4.0 Release Notes

Appliance Platform

New Features

  • Introduction of new PKI Appliance models S, M, L. See details in the technical specification.
  • Option to load FIPS firmware module into the HSM to enforce FIPS Restrictions.
  • Support for signed and encrypted firmware and application software packages. All future updates will be signed and encrypted.
  • Improved SSH/console password and key handling. WebConfigurator now supports option to set the SSH password or upload an SSH key for authentication. Console access can be enabled and disabled.

Improvements

  • Improved RAID status information in WebConfigurator.
  • Updated firewall rules.
  • Notification for running background jobs. Clearer error messages and explanation of error codes.
  • NTPd has been updated to 4.2.8p4.
  • Syslog appender format has been adjusted.
  • Apache Proxy has been updated to 2.4.16.
  • SSHd has been updated to 7.1p1.

Solved Issues

  • In the past it could happen that the connection from EJBCA to the HSM could expire after an idle period of a few days. The result was that EJBCA was unavailable as it could not write to the audit log. This problem has been addressed by activating HSM Keep Alive service in EJBCA by default.
  • In the case one node of a 2-node cluster has been disconnected, the other might become also unavailable until it is forced-into-primary from Web-Configurator web GUI. Unfortunately EJBCA might remain unavailable after this operation and the only workaround is to restart JBoss application server using the console. This issue has been resolved by an automatic application server restart after forcing the node into primary mode.

Security Patches

  • Commons-collections library has been removed as a preventive security measure.

EJBCA and SignServer

This version of the PKI Appliance runs EJBCA Enterprise 6.4.0. For more info view the EJBCA Enterprise 6.4.0 product release.

The optional SignServer add-on for this appliance version, is SignServer Enterprise 3.7.0. For more info view the SignServer Enterprise 3.7.0 product page.

More information

Detailed product sheets and basic information on PrimeKey PKI Appliance is available here.

For further information contact Martin Oczko, Product Manager, PrimeKey Labs GmbH, tel: +49(0)241 608 471 17, e-mail: martin.oczko@primekey.de

Related blog and news

W Hotel - Photo by Leyre on Unsplash
2022-12-09
News
About PrimeKey

Tech Days 2023 – See the full program

CybersecurityMadrid
2021-11-04
News
About PrimeKey

PrimeKey strengthens presence in France with new subsidiary

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all