New Features and Changes in Cloudera Navigator Key Trustee Server
The following sections describe what's new and changed in each Cloudera Navigator Key Trustee Server release.
What's New in Cloudera Navigator Key Trustee Server
The following sections describe what's new in each Cloudera Navigator Key Trustee Server release.
- What's New in Cloudera Navigator Key Trustee Server 5.15.0
- What's New in Cloudera Navigator Key Trustee Server 5.14.0
- What's New in Cloudera Navigator Key Trustee Server 5.13.0
- What's New in Cloudera Navigator Key Trustee Server 5.12.0
- What's New in Cloudera Navigator Key Trustee Server 5.11.0
- What's New in Cloudera Navigator Key Trustee Server 5.10.1
- What's New in Cloudera Navigator Key Trustee Server 5.10.0
- What's New in Cloudera Navigator Key Trustee Server 5.9.0
- What's New in Cloudera Navigator Key Trustee Server 5.8.0
- What's New in Cloudera Navigator Key Trustee Server 5.7.0
- What's New in Cloudera Navigator Key Trustee Server 5.5.2
- What's New in Cloudera Navigator Key Trustee Server 5.5.0
- What's New in Cloudera Navigator Key Trustee Server 5.4.9
- What's New in Cloudera Navigator Key Trustee Server 5.4.3
- What's New in Cloudera Navigator Key Trustee Server 5.4.0
What's New in Cloudera Navigator Key Trustee Server 5.15.0
An issue has been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.15.0.
What's New in Cloudera Navigator Key Trustee Server 5.14.0
An issue has been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.14.0.
What's New in Cloudera Navigator Key Trustee Server 5.11.0
- Key Trustee Server supports RHEL 7.4.
- Key Trustee Server supports OEL 7.4.
What's New in Cloudera Navigator Key Trustee Server 5.10.1
An issue has been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.10.1.
What's New in Cloudera Navigator Key Trustee Server 5.10.0
- Key Trustee Server supports RHEL 7.3.
- Key Trustee Server supports OEL 6.8, 7.2, and 7.3.
- Key Trustee Server supports modifying the supported ciphers and protocols for TLS.
What's New in Cloudera Navigator Key Trustee Server 5.9.0
- Key Trustee Server supports RHEL 6.8.
- Running the Key Trustee Server backup script now backs up necessary hardware security module (HSM) configuration files.
- Key Trustee Server supports rolling restart in Cloudera Manager.
What's New in Cloudera Navigator Key Trustee Server 5.8.0
- When adding the parcel-based Key Trustee Server service for the first time, Cloudera Manager automatically backs up Key Trustee Server locally and schedules ongoing hourly local backups using cron. For more information, see 6. Add a Key Trustee Server Service.
- The Key Trustee Server backup script (ktbackup.sh) adds a new option, --roll, which specifies the number of backups to retain. For more information, see Backing Up Key Trustee Server and Key Trustee KMS Using the ktbackup.sh Script.
An issue has also been fixed. For more information, see Issues Fixed in Cloudera Navigator Key Trustee Server 5.8.0.
What's New in Cloudera Navigator Key Trustee Server 5.7.0
- A backup script (ktbackup.sh) is included with Key Trustee Server. See Backing Up and Restoring Key Trustee Server and Clients for more information.
- Parcel-based Key Trustee Server logs an error message at startup if the keytrustee.conf file is malformed.
- Error logging is improved for connection and certificate errors with Key Trustee Server connecting to Key HSM.
A number of issues have also been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.7.0.
What's New in Cloudera Navigator Key Trustee Server 5.5.2
- The ktadmin command has a new --passphrase option to allow migration of existing keys from a Key Trustee Server with a password-protected private key to an HSM. See Integrating Key HSM with Key Trustee Server for more information.
An issue has also been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.5.2.
What's New in Cloudera Navigator Key Trustee Server 5.5.0
- Key Trustee Server supports RHEL 7.
- Key Trustee Server supports password-protected SSL certificates.
- TLS/SSL certificate file paths are configurable in Cloudera Manager.
A number of issues have also been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.5.0.
What's New in Cloudera Navigator Key Trustee Server 5.4.9
An issue has been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.4.9.
What's New in Cloudera Navigator Key Trustee Server 5.4.3
A number of issues have been fixed. See Issues Fixed in Cloudera Navigator Key Trustee Server 5.4.3.
What's New in Cloudera Navigator Key Trustee Server 5.4.0
- Key Trustee Server can be installed and managed using Cloudera Manager. See Installing Cloudera Navigator Key Trustee Server for more information.
- Existing keys stored in Key Trustee Server can be migrated to a Hardware Security Module (HSM) using Navigator Key HSM. See Integrating Key HSM with Key Trustee Server for more information.
Changed Features and Behaviors in Cloudera Navigator Key Trustee Server
The following sections describe what's changed in each Cloudera Navigator Key Trustee Server release.
What's Changed in Cloudera Navigator Key Trustee Server 5.8.0
- Attempting to start the keytrusteed service using the service command when Key Trustee Server is already running now reports success with a message indicating that the service is already running.
What's Changed in Cloudera Navigator Key Trustee Server 5.7.0
The ktadmin keyhsm command can be used to update Key Trustee Server certificate information for Key HSM
The ktadmin keyhsm command can be used to update Key Trustee Server certificate information for Key HSM instead of manually modifying keytrustee.conf. See Integrating Key HSM with Key Trustee Server for more information.
What's Changed in Cloudera Navigator Key Trustee Server 5.5.0
Key Trustee Server can be installed using Cloudera Manager without a CSD
Key Trustee Server no longer requires a Custom Service Descriptor (CSD) file.
What's Changed in Cloudera Navigator Key Trustee Server 5.4.0
All processes run as a single user
All Key Trustee Server processes now run as a single non-root user (keytrustee by default).
Key Trustee Server processes use a single port
Key Trustee Server processes (with the exception of the backing PostgreSQL database) now use a single port (11371 by default). See Upgrading Cloudera Navigator Key Trustee Server for more information.