See below the known issues common to all PKI Hub installations on Cryptographic Security Platform 1.4.0.
Installations with Certificate Enrollment Gateway cannot be restored (CSF-704 & EDM-18536)
PKI Hub installations with a deployed Certificate Enrollment Gateway do not support Restoring PKI Hub.
Workaround:
- Contact Entrust support for a new version of the
csf-backup-restore.shscript - Open a user session in any of the PKI Hub installation nodes.
- Run the following commands to install the script.
sudo cp --force csf-backup-restore.sh /opt/entrust/scripts/rhel/sudo chmod 550 /opt/entrust/scripts/rhel/csf-backup-restore.shsudo chown sysadmin:edm /opt/entrust/scripts/rhel/csf-backup-restore.sh - Follow the steps described in Restoring PKI Hub to restore the state.
Occasional restore failures of single-node installations (EDM-16171)
The process described in Restoring PKI Hub fails 75% of the time on single-node installations.
Workaround: Run the clusterctl uninstall command to uninstall the cluster, and re-try Restoring PKI Hub.
Unexpected error when deploying Certificate Authority
Due to a concurrency issue, Certificate Authority deployment may fail and log an “invalid variable name” error.
To fix this issue, contact the Entrust support team as explained in Getting technical assistance.