Release Notes for AEGIS Server version 1.1.6

New Features/Enhancements in Version 1.1.6

• Boolean EAP-PEAP parameter "force-version-0" has been replaced with integer parameter "force-version" that currently accepts values 0 and 1.
  If you do not wish to force particular version of PEAP protocol then remove or comment out this parameter. It is commented out by default. (Ref #3374)
  
  IMPORTANT NOTE FOR CUSTOMERS UPGRADING 1.1.4 OR 1.1.5 TO 1.1.6:
  The default configuration file aegiss.cfg in 1.1.4 and 1.1.5 contained parameter "force-version-0". This will cause 1.1.6 to fail to start with appropriate message in the log. In order to resolve the problem you need to replace parameter "force-version-0" with "force-version" and comment it out (unless you wish to force a particular PEAP version).
  
  
• The provided certificate examples have changed.
  The PKI looks like the following:

  CN=MDC-Test-Root-CA
         |
         +-- CN=MDC-Test-Intermediate-CA-usr
         |      |
         |      +-- CN=vinny (file is vinny.pfx, password is test)
         |
         +-- CN=MDC-Test-Intermediate-CA-srv
                |
                +-- CN=aaa (file is aaa.pfx, password is test)
  

  
  
• OpenSSL has been updated to the version 0.9.7f.
  
  
• OpenLDAP has been updated to the version 2.2.24. - Solaris & Linux only
  

Problems fixed and changes between 1.1.5 and 1.1.6

• AEGIS server exits when different policies are used outside and inside the tunnel.
  Different innner and outer policies can now be used. (Ref #10029)
  
  
• AEGIS Server does not limit the maximum key size for the encryption.
  In order to comply with government's export restrictions the maximum key size used in assymetrical encryption (public and private keys) has been limited to 2048 bits. (Ref #10047)