Configuration Issues

The following page provides information about implemented configuration issues:

Not In Production Mode

Produces a single ticket with priority INFO when EJBCA is running in non-production mode.

It is possible to run system tests (on purpose or by accident) on such an instance, and additional tools for developers are available. A production environment should never have an instance running in non-production mode for security reasons.

To put EJBCA in production mode, make the following adjustment in the configuration file and redeploy EJBCA.

Switch to production mode


ECC With Key Encipherment

Produces one ticket with priority WARN, for each certificate profile supporting an ECC-based signature scheme while having the key usage keyEncipherment enabled at the same time. 

Section 3 of RFC 5480 defines the keyUsage bits allowed with Elliptic Curve Cryptography Subject Public Key Information. Key Encipherment is not on the list.