[4.3] Patch - Mar 9, 2022

Fortanix Data Security Manager (DSM) 4.3.2030 provides an overview of improvements, resolved issues, and known issues.

It is “REQUIRED” to upgrade Fortanix DSM to version 4.1 or 4.2 before upgrading to version 4.3.2030.
After the software package is uploaded, the expected time to upgrade a 3-node cluster is about 1.5 to 2 hours from version 4.1 or 4.2 to 4.3.2030.

1. Improvements

  • The Rotate linked keys option is now visible for a key that is copied from a 3rd party HSM-backed group to any other Fortanix DSM group (JIRA: ROFR-2952). RotateLinkedKey.png

2. Bug Fixes

  • Fixed a scan error when the user clicks Sync Keys for an AWS KMS group (JIRA: PROD-3787).
  • Fixed an issue when upgrading from Kubernetes 1.10 to 1.11/1.12 (JIRA: DEVOPS-2297).
  • Fixed an issue with the etcd upgrade (JIRA: DEVOPS-2296).
  • Fixed upgrade script when upgrading from Kubernetes 1.11 to 1.12 (JIRA: DEVOPS-2239).

3. Known Issues

  • An account could be lost if account tables are inconsistent between nodes. Make sure a backup is successful before proceeding with ANY upgrade (JIRA: PROD-4234).
  • When a node is removed from a 3-node cluster with build 4.2.2087, and the 2-node cluster is upgraded with build 4.3.xxxx, it is possible that the deploy job is exited and marked completed before cluster upgrade (JIRA: DEVOPS-2068). Workaround: If all the pods are healthy, you can deploy the version again.
  • The sync key API returns “400 status code and response error” due to the short-term access token expiry during the sync key operation of a group linked to AWS KMS (JIRA: PROD-3903).
  • exclude does not work in the proxy config for operations such as attestation (JIRA: PROD: 3311).

3. Installation

To download the DSM SGX (on-prem/Azure) and Software (AWS/Azure/VMWare) packages, click here.


Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful