For the latest version, please use Key Management System 3.12.0!

Release 3.4.0

Bugfixes

  • MTG KMS-Server

    • Vendor Identification with GetAttributeList Operation was missing.

    • Cryptographic Usage Mask fixed Export Tag parsing.

Features and updates

All MTG Java Application Projects

List of all MTG Java Application Projects see [MTG_ERS_JAVA].

Supported Operating Systems [OS].

  • Spring boot version increased to 3.3.2 (includes tomcat 10.1.26).

  • MTG KMS-Server

    • Update MTG-KMS-KMIP-Operations document add table Not Supported Attributes.

    • CMP configuration on the Admin REST-API can now store any number of CMP Root CA Certificates.

    • To address different templates at a CA via the Certify operation and CMP (see also inside the document Objects-and-Operations chapter KMIP Attribute Vendor Identification / Custom Attribute), it now accepts a vendor identification with:

      • MTG (Case Sensitive) as VendorIdentification and

      • PolicyID (Case Sensitive) as AttributeName

      • a UUID of the CA as AttributeValue

      • Example:

        {"tag": "VendorIdentification", "type": "TextString", "value": "MTG"},
{"tag": "AttributeName", "type": "TextString", "value": "PolicyID"},
{"tag": "AttributeValue", "type": "TextString", "value": "be05650a-06a0-4cea-a850-d42954f8278b"}

    • For audit logging, a self-defined key for signing in sizes 128 or 192 or 256 bit can be used and specified in the logback.xml file with the tag: <secretKey> and the applicationName: OwnSecret (see also chapter Audit Configuration in the Installation manual).

MTG KMS-PKCS#11-Library

Support of OpenSSL versions, see [OpenSSL_compatibility].

Supported Operating Systems [OS_PKCS11].

  • none

MTG KMS-UI

  • Changed the CMP Configuration to accept multiple root certificates in the KMS Admin UI.

Installation instructions

  • none