8.5.101.97

Configuration Server Release Notes

What's New

This release contains the following new features and enhancements:

• Configuration Server (CS) now exposes its performance statistics and current activity via open HTTP port in Prometheus text format. Prometheus can be used to periodically collect and keep this data for further querying and graphical representation. Alternately, web browser or curl can be used to retrieve current statistical data for real-time monitoring. For detailed description see Prometheus support in Management Framework Deployment Guide. (MFWK-24051)

Resolved Issues

This release contains the following resolved issues:

CS now uses OAEP padding when encrypting the configuration database password that is stored in the CS startup configuration file of the master Configuration Server. Previously, CS used the PKCS 1 padding instead of OAEP. This change enhances the security in storing the password by eliminating the known vulnerability of PKCS 1 padding. You can use the existing configuration files containing passwords, encrypted with PKCS 1, with no changes. You can update the configuration files to re-encrypt the password using OAEP. For information on how to do this, refer to the section Encrypting the Configuration Database Password of the Management Framework Deployment Guide.

The new startup option in the configuration file Configuration Server Section is automatically created when CS is forced to encrypt the database password.

decryption-padding
Valid Value: OAEP - password is encrypted using OAEP padding
Default: If the password is encrypted, PKCS 1 padding is used
Changes Take Effect: After restart
(MFWK-24175)

Upgrade Notes

No special procedure is required to upgrade to release 8.5.101.97.