Release Notes for AEGIS Server version 1.1.6
April 12, 2005
Version 1.1.6 replaces version 1.1.5.
More detailed description of the changes can be found in an Addendum to the AEGIS Server
1.1.4 User Guide. The file name is AEGIS_Server_1.1.6_Addendum.pdf and it is located in
the folder/directory containing the server's documentation.
New Features/Enhancements in Version 1.1.6
-
Boolean EAP-PEAP parameter "force-version-0" has been replaced with integer parameter
"force-version" that currently accepts values 0 and 1. If you do not wish to force
particular version of PEAP protocol then remove or comment out this parameter. It is
commented out by default. (Ref #3374)
IMPORTANT NOTE FOR CUSTOMERS UPGRADING 1.1.4 OR 1.1.5 TO 1.1.6:
The default configuration file aegiss.cfg in 1.1.4 and 1.1.5 contained parameter
"force-version-0". This will cause 1.1.6 to fail to start with appropriate message in
the log. In order to resolve the problem you need to replace parameter
"force-version-0" with "force-version" and comment it out (unless you wish to force a
particular PEAP version).
-
The provided certificate examples have changed.
The PKI looks like the following:
CN=MDC-Test-Root-CA
|
+-- CN=MDC-Test-Intermediate-CA-usr
| |
| +-- CN=vinny (file is vinny.pfx, password is test)
|
+-- CN=MDC-Test-Intermediate-CA-srv
|
+-- CN=aaa (file is aaa.pfx, password is test)
-
OpenSSL has been updated to the version 0.9.7f.
-
OpenLDAP has been updated to the version 2.2.24. - Solaris & Linux only
Problems fixed and changes between 1.1.5 and 1.1.6
-
AEGIS server exits when different policies are used outside and inside the
tunnel.
Different innner and outer policies can now be used. (Ref #10029)
-
AEGIS Server does not limit the maximum key size for the encryption.
In order to comply with government's export restrictions the maximum key size used in
assymetrical encryption (public and private keys) has been limited to 2048 bits.
(Ref #10047)
