What's New in Key Trustee Server

Learn about the new features of Key Trustee Server in Cloudera Runtime 7.1.8

  • Key Trustee is now compatible to work with GCP Cloud HSM and Thales HSM CipherTrust Manager 2.0.
  • Key Trustee Server will not use an IP address in self-signed certificates when a hostname/dns is provided.


  • Removed instances of the third party library log4j from KeyHSM due to CVE vulnerabilities.
  • To avoid out of memory issues when using KeyHSM, the default heap size has been increased from 1GB to 2GB.