1.4. Bug Fixes

This part describes bugs fixed in Red Hat Certificate System 9.7 that have a significant impact on users:

Previously, LDAP missed a group entry for TPS-specific Auditors. As a consequence, existing instances require a manual LDAP procedure in order to use the TPS Auditor group. This does not impact new installations.

To correct this, run ldapmodify to connect to the LDAP server in question and add the missing object:

        $ ldapmodify -x -D "cn=Directory Manager" -w $PASSWORD << EOF
        dn: cn=Auditors,ou=Groups,{rootSuffix}
        changeType: add
        objectClass: top
        objectClass: groupOfUniqueNames
        cn: Auditors
        description: People who can read the signed audit logs for TPS
        EOF

Replace {rootSuffix} with the base DN (pki_ds_base_dn) from the TPS configuration file. For example dc=tks,dc=pki,dc={DOMAIN...},dc={TLD}.

As a result, existing TPS installations can use the Auditor groups along with new TPS installations.

Bug fixes in Red Hat Certificate System, that are included in the pki-core package, are documented in Red Hat Enterprise Linux 7.9 Release Notes: