Added

There is a new patch available for the Luna service client CSP and KSP utilities available from the Thales Support Portal with the KB article number KB0024438/DOW0007000.  This patch resolves the following issues:

• HAPP-168   Performance Optimizations enabled in CSP for Luna7
• HAPP-326   Luna KSP CKA_EXTRACTABLE
• HAPP-492   certutil verifystore command shows error when keys and CSR created with CSP
• LUNA-7254  certutil issue: Not able to get the prompt back after running "certutil -store my" when KSP is registered
• LUNA-7595  KSP keygen slow
• LUNA-8100  citrix fas NTE_BAD_DATA from KSP
• LUNA-8808  CSP with CryptoUser
• LUNA-8938  citrix fas issue ckr_device_memory for KSP
• LUNA-12715 Update the KSP code to accept the new and old certificates
• LUNA-14732 CSP SHA2 signing error on Windows 10 Docker container (kspcmd utility)
• LUNA-15597 Luna KSP CKA_EXTRACTABLE test case for UC 10.4.0 regression test
• LUNA-17051 MS HGS integration
• LUNA-21611 CSP import PFX fix
• LHSM-41992 Microsoft HGS supported algorithms and flags are required for KSP
• LHSM-42509 repair ksp for citrix/fas app
• LHSM-42911 certutil crash wrt ksp and csp
• LHSM-42949 delete key via csp
• LUNA-21906 Improve KSP Resiliency/Recovery
• LUNA-21911 kspcmd.exe doesn't exit after registering slot

The patch includes a readme.txt file which provides instructions for updating your Luna service clients CSP and KSP utilities. 

Notes:

• NOTE 1. Ensure to set "FunctionBindLevel=2" in the Misc section of crystoki.ini for this release to work with clients UC 10.3 or earlier.
• NOTE 2. For Luna Cloud HSM Services, disable session cache in the registry as shown in the following REG file sample:

        Windows Registry Editor Version 5.00
        [HKEY_LOCAL_MACHINE\SOFTWARE\Safenet\SafeNetKSP\CurrentConfig]
        "SessionCacheEnabled"=dword:00000000

SHA Checksum:     e06cc15eb7906d6a2730f8cfac746a0e57b765896beea342d00590febb334cda