See below for the known issues common to all PKI Hub 1.1.0 installations on Cryptographic Security Platform 1.0.0.
Occasional restore failures of single-node installations (EDM-16171)
The process described in Restoring PKI Hub fails 75% of the time on single-node installations.
Workaround: Run the clusterctl uninstall command to uninstall the cluster, and re-try Restoring PKI Hub.
Session expiration does not redirect to the login page (ATEAM-17362)
When a user session expires, the Management Console does not automatically redirect to the login page.
Upgrade process is not idempotent (EDM-18747)
Due to behavior in the drain step, this upgrade path is not idempotent.
From version | To version |
|---|---|
Cryptographic Security Platform 1.0 - PKI Hub 1.1 | Cryptographic Security Platform 1.1 - PKI Hub 1.2 |
If this upgrade fails, use the following workaround to restore the initial state before retrying:
- List all
StatefulSetsacross namespaces.sudo kubectl get statefulsets --all-namespaces --output jsonpath='{range .items[*]}{.metadata.namespace}{"\t"}{.metadata.name}{"\t"}{.status.replicas}{"\n"}{end}' - Scale any
StatefulSetwithreplicas = 0back up to 1.sudo kubectl scale --namespace auth-service statefulset auth-service --replicas1 - Check all pods.
sudo kubectl get pods -A - When all pods are ready, retry the upgrade.
CVE-2026-31431 Vulnerability (EDM-21489)
The Linux kernel used in PKI Hub is affected by the CVE-2026-31431 vulnerability.