Release Notes
Product Description
CipherTrust Vaultless Tokenization (CT-VL) is a platform-independent appliance (virtual machine or bare-metal) that offers REST-API services to protect sensitive data.
Release Description
This release includes security updates and performance improvements in cryptographic services.
Note
Support for KeySecure as a key manager has been deprecated.
Security Updates
The CT-VL image is updated regularly with security updates.
Resolved and Known Issues
Resolved Issues
| Reference | Descritption |
|---|---|
| CADP-16484 | Problem: CKMS encryption could momentarily fail to respond (HTTP 502 Error) if it encounters numerous invalid encryption requests. |
Known Issues
| Reference | Description |
|---|---|
| CADP-27506 | Problem:When the input data length is less than or equal to keep right count in token template and the "Preserve NULL or 1 character inputs" option is selected, an empty "" token is returned. Workaround: To preserve single character input , set keep right count to a value smaller than minimum input data length. |
| CADP-25760 | Problem: CT-VL requests with :refresh suffix in the key id (kid) may result in a 504 Gateway timeout error for:• Encryption, decryption, sign, and verify crypto operations, • GET key API call. This issue can occur in both single and batch API calls. |
| CADP-21987 | Problem: The API logs do not include the username when there are errors in input values. |
| CADP-22832 | Problem: CT-VL does not adhere to admin group permissions for encryption/decryption |
| CADP-21219 | Problem: Per user records for tokenization, detokenization, and crypto operations are not displayed on the UI dashboard. |
| TOK-3117 | Problem: Excessive PostgreSQL WAL archive files could occur causing disk space issues. This could happen with the VMs having a base image of v2.5 or below. Upgrading to v2.6 or higher will not fix the issue. The real fix is to recreate the cluster with a base image of v2.6 or higher. |
| CADP-22387 | Problem: Mismatch in the number of log entries and data displayed on the CT-VL dashboard. |
| CADP-21939 | Problem: Restoring a CT-VL backup that used a DSM on CT-VL connected (registered) to the CipherTrust Manager, or a CT-VL on DSM connected (registered) to the CipherTrust Manager, is currently not supported. Workaround: To restore a CT-VL backup that used a DSM, first register CT-VL to DSM and then perform the restore operation. After the restore operation is completed, reconnect CT-VL to the CipherTrust Manager. |
Limitation
- Auto-renewal of client certificate is not supported with CipherTrust Manager.
