Release Notes
Introduction
These release notes apply to version 3.3.1 of the nShield Web Services Option Pack for Security World. They contain information specific to this release such as new features, defect fixes, and known issues.
PKCS #11 v3.0 compliance.
This release is compliant with PKCS #11 Version 3.0 (https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/os/pkcs11-base-v3.0-os.html).
Compatibility
Supported hardware
This release is targeted at deployments with any of the following nShield HSMs:
-
nShield Solo PCI Express (500+, and 6000+)
-
nShield Solo XC (Base, Mid, High)
-
nShield 5s (Base, Mid, High)
-
nShield Connect (500+, 1500+, and 6000+)
-
nShield Connect XC (Base, Mid, High, Serial Console)
-
nShield 5c (Base, Mid, High, Serial Console)
Supported operating systems
This release has been tested for compatibility with the following operating systems:
-
Red Hat Enterprise Linux Server 7 x64
-
Red Hat Enterprise Linux Server 8 x64
-
Red Hat Enterprise Linux Server 9 x64
-
SUSE Enterprise Linux 12 x64
-
SUSE Enterprise Linux 15 x64
-
Oracle Enterprise Linux 7.6 x64
-
Oracle Enterprise Linux 8 x64
Additionally the PKCS #11 library and the nShield Web Services Key Storage Provider have been tested for compatibility with the following operating systems:
-
Windows Server 2019 x64
-
Windows Server 2022 x64
-
Windows 10 x64
-
Windows 11 x64
Supported Security World versions
This release can be used with the following nShield Security World Software installations:
-
Security World v12.80
-
Security World v13.3 or greater
A minimum version of Security World v12.8x is required in order to migrate kmdata files using the Database Management Tool. |
Firmware versions supported by the 12.60 release are also supported by Web Services Option Pack. See the nShield 12.80 Security World Software release notes for further details.
Defect Fixes
Reference | Description in v3.3 | Fix in v3.3.1 |
---|---|---|
NSE-60805 |
N/A |
Fixed an issue which prevented the DBMT from being installed with Security World v13.6.3. |
Known Issues
Reference | Description |
---|---|
NSE-56623 |
Key records from releases prior to Web Services Option Pack version 3.2 may be incompatible with newer releases of Web Services Option Pack and be limited in future functionality. Customers wishing to upgrade from version 3.0 or 3.1 should contact Entrust Support for more information. |
NSE-62643 |
It is not possible to use RSA when performing an integration with the nShield Web Services Key Storage Provider and Microsoft IIS. Attempting to do so will result in the provider returning the following error: |
NSE-62766 |
Using the nShield Web Services Key Storage Provider to list the keys in a protection domain can result in |
NSE-62811 |
If the system that is hosting the Web Services Option Pack is restarted, the service can fail to automatically restart if the MongoDB server is not reachable in time. In this case the service can be started manually when the database is available. |
NSE-63105 |
If the HSM is put into a non-operational mode, when it is returned to |
NSE-63763 |
Descriptions of individual nShield Web Services Key Storage Provider event log entries, when viewed through Event Viewer, may contain text indicating that the description for a particular Event ID cannot be found. This message is benign as the logs generated by the provider are contained within the description. To address this issue, copy |
NSE-64343 |
There is an issue when using |