Configuration Issues

The following page provides information about implemented configuration issues:

Not In Production Mode

Produces a single ticket with priority INFO when EJBCA is running in non-production mode.

It is possible to run system tests (on purpose or by accident) on such an instance, and additional tools for developers are available. A production environment should never have an instance running in non-production mode for security reasons.

To put EJBCA in production mode, make the following adjustment in the configuration file ejbca.properties and redeploy EJBCA.

Switch to production mode

ejbca.productionmode=true

ECC With Key Encipherment

Produces one ticket with priority WARN, for each certificate profile supporting an ECC-based signature scheme while having the key usage keyEncipherment enabled at the same time. 

Section 3 of RFC 5480 defines the keyUsage bits allowed with Elliptic Curve Cryptography Subject Public Key Information. Key Encipherment is not on the list.