|Applies To||Keon Certificate Authority 6.0.2|
Microsoft Windows 2000 Server SP4
|Issue||RSA Keon Certificate Authority Admin reloads during LDAP SEARCH for all active certificates|
Intermittently during certificate external publishing process (usually after 5 or 6 successful postings), the KCA Admin service appears to fail. The page is not available, and there is a message in the application event log that the KCA Admin service has reloaded.
When the Publish button is clicked on approved certificates, the Apache administration server occasionally reloads (crashes). This does not cause a disruption in service, since the server automatically starts again.
|Cause||The problem was in XudaCAPublishCertificate(), the manual publishing Keon API function. The crash occurred because a XANY object was freed twice. The temporary object was created by the xparse wrapping code, and passed to the Keon API function. Within XudaCAPublishCertificate(), XudaXPTIA5Get() was called for that object. Because the object was temporary, XudaXPTIA5Get() freed it, but without initializing it to NULL. In the cleaning part of XudaCAPublishCertificate(), the same object was freed the second time, generating an Apache crash.|
|Resolution||This issue has been resolved in a hot fix to RSA Keon Certificate Authority 6.0.2. Contact RSA Security Customer Support and asked for the hot fix for KCA 6.0.2 build 119 or newer.|
|Legacy Article ID||a21852|