Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Release Notes

search

Please Note:

Release Notes

Product Description

CipherTrust Vaultless Tokenization (CT-VL) is a platform-independent appliance (virtual machine or bare-metal) that offers REST-API services to protect sensitive data.

Release Description

This release includes new features and enhancements.

New Features and Enhancements

Support for AES-CTR and AES-GCM algorithms with the CipherTrust Manager (CM).

Security Updates

The CT-VL image is updated regularly with security updates.

Known Issues

ReferenceDescription
CADP-22331Tokenization services continue to fail even after communication to the CipherTrust Manager has been restored. This can happen if VTS services were restarted while communication to the CipherTrust Manager was still broken.
CADP-25141Problem: If a key has either a tokenize or detokenize permission assigned, the user cannot delete the key using API curl -k -X DELETE hostname/vts/km/v1/keys/keyname even after removing the key permissions. This API request deletes the key from both CT-VL and CM.
Workaround:Delete the key using the UI or DELETE API:
curl -k -X DELETE hostname/api/keys/keyname
This request deletes the key name from CT-VL. Ensure the key is also deleted from the KeyManager.
CADP-21987Problem : The API logs do not include the username when there are errors in input values.
CADP-16484CKMS encryption could momentarily fail to respond (HTTP 502 Error) if it encounters numerous invalid encryption requests.
TOK-3117, CS1526685, CS1528902, CS1530674Excessive PostgreSQL WAL archive files could occur causing disk space issues. This could happen with the VMs having a base image of v2.5 or below.

Upgrading to v2.6 or higher will not fix the issue. The real fix is to recreate the cluster with a base image of v2.6 or higher.
CADP-18193Upgrading to CT-VL v2.7 or higher will break TCP mode connectivity to the CipherTrust Manager NAE interface. A fix to this issue will be available in the next patch release.
In the meantime, a workaround is available. Please contact Support to obtain the workaround.
CADP-21154/var/log/messages log file does not rotate by size limit.

Limitation

  • Auto-renewal of client certificate is not supported with CipherTrust Manager.

On this page