Workaround: The lockout counter is not incremented as expected this message can be safely ignored. Logins in between) the co will be locked. However, LunaCM still produces a misleading message: Caution: You have only 10 co login attempts left. Problem: When a KRCO password is longer than 16 characters, no failed login counter is incremented. Workaround: Use ckdemo to log in as KRSO (pso) and re-initialize the KRCO role. Problem: After resetting a keyring to its initial conditions, LunaCM does not allow you to log in as KRSO (po), saying that the role is not initialized. Workaround: Ensure that the user logs in for the first time to the member where the user account was created. If the password is changed manually on member B, logging in to member A will still require another password change. If the user's first login is on cluster member B, however, the password change is not enforced. Problem: When a custom user account is created on cluster member A, the user is required to change the initial password upon first login to cluster member A. Resolved: Fixed in Luna Network HSM 7.8.1 clusters package. Workaround: RADIUS is not supported for use with clusters if you have RADIUS-authenticated users on the appliance, the cluster service will start once they are deleted. Problem: If a RADIUS-authenticated user is created on Luna Network HSM, the cluster service will not start. The correct value (10) is reported by role show after logging in to the keyring using the reset credentials. Problem: After resetting a keyring, role show incorrectly indicates that there are 15 failed login attempts/password change attempts remaining until keyring lockout. Do not configure network bonding on Luna Network HSM 7.8.0. Problem: When bonding is configured, the gateway is not set on the bond interface. Resolved: Fixed in Luna HSM Client 10.5.1. ![]() Problem: The Mutex lock file generated by Luna HSM Client is created with the wrong permissions (writable by everyone). Resolved: Fixed in Luna Network HSM appliance software 7.8.1. Workaround: The interface is deleted this information can be safely ignored. Problem: In LunaSH, after deleting a network interface, the information about that interface is still displayed in the output for network show. Workaround: Configure the interface manually by assigning a static IP address and gateway, or reconfiguring DHCP on the interface. Problem: When the network service on Luna Network HSM appliance software 7.8.x is reset to factory conditions (lunash:> sysconf config factoryreset -service network), the DHCP interface is not automatically assigned a gateway. Workaround: In this release, do not customize the crypto port number. Problem:Changing the default port used for crypto operations on the cluster (50052) can cause communication problems between cluster members. Problem: When a default route is configured on a network interface, another newly-configured static interface is not assigned a gateway. Workaround: Add a manual network route to the affected interface using network route add. Problem: When a default route is configured on a network interface, another newly-configured DHCP interface is not assigned a gateway. Problem: On Linux, a non- root user in the hsmusers group is unable to start pedclient. Workaround: This message can be safely ignored. Problem: After adding a network route, a failure message is returned ( Failed to apply new route information to bond0.) but the route is added successfully. Problem: On AIX, the LunaCM command partition domainlist returns an error: lunacm:>partition domainlist Workaround: Use the ms2luna utility from Luna HSM Client 10.5.0 instead. ![]() Problem: Using Luna HSM Client 10.5.1, ms2luna fails to migrate KSP keys to the Luna HSM. Workaround: Enable the webserver again in LunaSH with webserver enable. Problem: After an appliance reboot, webserver show indicates that the webserver is enabled and running, but the webserver certificate cannot be retrieved. Use Luna HSM Client 10.5.0 or older if you are setting up a Remote PED server. Problem: Using Luna HSM Client 10.5.1, drivers for Remote PED are not installed on Debian-based Linux (such as Ubuntu). ![]() ![]() Issues listed in green have been resolved and the component and version including the fix is provided. Use the buttons below to display issues related to specific Luna software/firmware components. Workarounds are provided where available. The following table lists known issues in all released versions of Luna 7 components. These archived documents are not updated, and may contain errors and omissions. Select a release to view the available documentation for the release. Older versions of the documentation are release-specific. You are viewing the latest version of the Luna Network HSM 7 documentation, which covers all released Luna Network HSM 7 and Luna HSM Client 7/10 components, and is updated frequently with the latest corrections and improvements.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |