Reflection PKI Services Manager is a service that provides certificate validation services for many Micro Focus products.
These notes list the new features and updates in Reflection PKI Services Manager version 1.3 Service Pack 2 (SP2) Update 1.
To check certificate revocation, PKI Services Manager now uses the URI for the OCSP responder from the correct certificate. Previously PKI Services Manager checked the revocation of a certificate using the URI for the OCSP responder from the issuer of that certificate. This has been corrected.
The Public Key Viewer now displays the SHA-256 hash of the Public Key as well as the SHA1 and MD5.
PKI Services Manager now runs only on 64-bit operating systems. If you have an older 32-bit installation running on a 64-bit machine, it will be upgraded to a 64-bit installation.
Java has been updated for all PKI Services Manager supported platforms.
The following operating system upgrades are now supported:
Windows Server 2019
Red Hat Enterprise Linux 8
SUSE Linux Enterprise Server 15
Solaris 11.4 (x64 64-bit)
Solaris 11.4 (SPARC 64-bit)
See Supported Platforms for a complete list of supported platforms in PKI Services Manager.
Known issues you may encounter:
When PKI Services Manager tries to test a certificate from the PKI Services Manager Console using a Certificate Revocation List (CRL) file in the Local Store, it fails to load the CRL file and then displays a “CRL not found” error.
This issue only occurs in the PKI Services Manager Console UI and does not prevent PKI Services Manager from properly performing revocation checking.
Workaround: Certificates can be tested using the pki-client Command Line Utility by running: java –jar pki-client.jar validate <options> or winpki validate <certificate>
When running certain older browsers, (for example, older versions of Internet Explorer 11), the local help system may not display the expected help banner image.
PKI Services Manager installs its own Java environment and uses this by default. It is also possible to configure PKI Services Manager to use a different Java environment.
On Linux, Solaris and Windows platforms, PKI Services Manager is now using Azul Zulu OpenJDK version 8u252.
On AIX platforms, the installed Java was updated to IBM Runtime Environment Java Technology Edition Version 8.0.6.11.
PKI Services Manager 1.3 SP2 U1 supports these 64-bit platforms:
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 7
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 12
Solaris 11.4 (x64-bit)
Solaris 11.4 ( SPARC 64-bit)
For more information, see Technical Note 2427.
MD5 support in FIPS mode removed.
Beginning with version 1.3 SP2, MD5 signed certificates are no longer supported in FIPS mode. Users who need support for MD5withRSA signed certificates in FIPS mode should use PKI Services Manager 1.3 SP1 or earlier.
© Copyright 2020 Micro Focus or one of its affiliates.
The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.
Contains Confidential Information. Except as specifically indicated otherwise, a valid license is required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.