KeyManager Plus Release 5.6.3 (Dec 2018)

New Features / Enhancements

• SMTP server certificate discovery: Key Manager Plus now supports SMTP server certificate discovery that allows administrators to exclusively discover and manage SSL certificates used by mail servers.

Bug Fix

• Previously, when deploying SSL certificates to Microsoft Internet Information Services (IIS) server, the private key exported with the certificate was being corrupted on deployment. This has now been fixed.
• Previously, administrators were unable to sign certificates with custom root CA if Subject Alternative Name (SAN) wasn't provided during CSR generation. This has now been fixed.

Security Fix

• Previously, when performing template-based discovery of certificates issued by the Microsoft Certificate Authority (MS CA), the CA server's account credentials were being stored in clear text in the Key Manager Plus server's log files. This has now been fixed.


Note: The potential for exposure was limited only to customers matching specific conditions. A detailed advisory was sent to customers to check for such conditions and in the unlikely case of exposure happening, the advisory included instructions to sanitize the exposure and fix the conditions.