|Applies To||RSA ClearTrust 5.0.1|
RSA ClearTrust Dispatcher/Key Server
|Issue||Key Server no longer has the capability to validate incoming key list requests against the DNS name created for the Key Client|
|Resolution||To correct this issue, contact RSA Security Customer Support and reference hot fix 00036951. This hot fix adds a parameter "cleartrust.keyserver.session_key_dns_check=true" that forces the Key Server to validate incoming key requests against the DNS name created originally for this client.|
If the request comes from a secret which does not match the DNS name, the client will be denied access to the current key list.
|Legacy Article ID||a18260|