Additional Fields are now Mandatory for Tenant Registration
The following fields are now mandatory for tenant registration:
- Address
- City
- ZIP Code
- State/Province/Region*
* Mandatory if Country is set to United States, Canada, or Australia
Additional Fields are now Mandatory for Tenant Registration
The following fields are now mandatory for tenant registration:
* Mandatory if Country is set to United States, Canada, or Australia
The input fields for tenant registration, excluding the password field, will be trimmed. Leading and trailing spaces on input fields, excluding the password field, will be removed by the platform during registration.
If you have automation using the API for tenant registration and tenant updating you should modify your automation to account for this behavior.
See the Data Protection on Demand (DPoD) API for more information.
The following fields are being made mandatory for tenant registration when Country is set to United States, Canada, or Australia:
If you have automation using the API for tenant registration and tenant updating you should modify your automation to account for these new mandatory fields.
See the Data Protection on Demand (DPoD) API for more information about available endpoints and fields.
This change has been rescheduled to Tuesday February 8th 14:00 UTC to give customers more time to adjust their environments.
A knowledge base article with a full description of the change is available here. The article contains important information on mandatory changes for users on 10.0 or 10.1 client versions in North America.
This change introduces a new endpoint for validating the certificate status. Please ensure that operating systems hosting the client are able to validate the server certificate status (OCSP/CRL) using port 80.
Ensure that these certificate revocation lists (CRLs) are accessible from the client machine prior to the planned change on Tuesday February 8th 14:00 UTC to guarantee continuity of service.
Current CRL: http://crl.godaddy.com/gdig2s1-3235.crl
New CRL: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Platform CRL: http://crl3.digicert.com/ssca-sha2-g7.crl
The following fields are being made mandatory for tenant registration:
If you have automation using the API for tenant registration and tenant updating you should modify your automation to account for these new mandatory fields.
See the Data Protection on Demand (DPoD) Public API for more information about available endpoints and fields.
The authentication method used by the 10.0 and 10.1 version of the Luna Cloud HSM client is being deprecated. Clients using this authentication will no longer be supported by the Luna Cloud HSM service after December 31, 2021.
We recommend you upgrade your client to the latest version at your earliest convenience. See Upgrading your client for more information.
Deprecated
The authentication method used by the 10.0 and 10.1 version of the Luna Cloud HSM client is being deprecated. We recommend you upgrade your Luna Cloud HSM service clients to the latest version at your earliest convenience. Clients using this authentication mechanism will no longer connect to the service after December 31, 2021. Instructions for upgrading the client can be found in our documentation here.
Under Development
If you are using an IP address in your HTTP Network Connection between your DPoD service and the DPoD platform we recommend you update your configuration to use the fully qualified domain name as described in Network Connectivity.
If your network configuration uses any hard coded IP addresses, be aware that upcoming changes to the DPoD platform will disrupt your connection to the service.
Added
Bugs Found
cmu verifyhsm does not prompt the user to enter a challenge string. Always specify a challenge string using cmu verifyhsm -challenge <string>.cmu requestcertificate using the wrong attribute to specify the private key returns an incorrect error message. Use the -privateouid to specify a private key on a Luna Cloud HSM service.cmu import to import a DSA key fails. Use an RSA public key instead.cmu selfsigncertificate with no arguments specified, on Linux, cmu fails to prompt the user for the relevant object handles/OUIDs. Always specify the object handles/OUIDs using -publichandle and -privatehandle or -publicouid and -privateouid.ckmdeo option Get OUID (39) returns OUIDs with extra zeroes appended. Use option Get Attribute (24) to view the correct OUID.CKR_OBJECT_HANDLE_INVALID. We recommend you avoid upgrading your Luna Cloud HSM service client until the issue is resolved. cmu getpkc to confirm a public key can fail. Execute the ckdemo Display Object (27) function to confirm the key pairs origins and security in the HSM. If the CKA_NEVER_EXTRACTABLE attribute is present it confirms that the private key was created in the HSM and has never been extracted.Bugs Fixed
cmu selfsigncertificate now match the input serial number.Deprecated
The DPoD Platform API is deprecating the PATCH /tenants/{id}/admin/reset and POST /tenants/{id}/admin/resetMfaToken operations.
Tenant administrators can use the self-service password reset from the DPoD tenant log in screen or request that a sibling tenant administrator reset their password. Tenant administrators must request an MFA reset from a sibling tenant administrator.
These endpoints will be removed from the platform in a future update.
