PCoIP Connection Manager 1.8.2 and PCoIP Security Gateway 1.14.1 Release Notes¶
Release Overview
PCoIP Connection Manager 1.8.2 and PCoIP Security Gateway 1.14.1 are infrastructure components in the Teradici All Access solution.
These release notes provide a summary of key feature additions, compatibility notes, resolved issues, and known issues for this release.
What’s New in This Release
Security fixes
Important Notes and Requirements
- PCoIP Connection Manager 1.8.2 is available as an RPM deliverable that includes version 1.14.1 of the PCoIP Security Gateway. Two deliverables accompany the RPM:
- Third-Party Dependencies RPM
- Installation script
- The Third-Party Dependencies RPM must be installed before the PCoIP Connection Manager and Security Gateway RPM. For convenience, the installation script will install:
- Third-Party Dependencies RPM
- Additional dependencies
- PCoIP Connection Manager/Security Gateway RPM
Release Downloads
Related Documents and Software
- Teradici PCoIP® Connection Manager 1.8 and Security Gateway 1.14 Administrators’ Guide
- Open-source and third-party components
Release History
| Version/Build | Date | Description |
|---|---|---|
| 1.8.0/1.14.0 | July 2017 | General availability release |
| 1.8.1/1.14.1 | November 2017 | Security fixes |
| 1.8.2/1.14.1 | July 2018 | Security fixes |
Compatibility
| Compatibility Notes | Products | ||||
|---|---|---|---|---|---|
| Tera1 Zero Clients | Tera2 Zero Clients | PCoIP Software Clients (Win and Mac) | PCoIP Mobile Clients (iOS and Android) | PCoIP Chrome OS Client | |
| PCoIP Connection Manager 1.8 | No | Yes | Yes | Yes | Yes |
PCoIP Connection Manager does not use addresses from /etc/hosts (42009)¶
If the broker is configured to identify resources by host name, then DNS must be available and properly configured so that the host names are resolvable from the server hosting the PCoIP Connection Manager and from the machines from which PCoIP clients will connect. In particular, resources in Microsoft RDWA are typically configured using host names, so DNS must be used when deploying the PCoIP Connection Manager with RDSH.
PCoIP Connection Manager no longer supports MD5 certificates (40774)¶
When cm_setup.sh is used to install PCoIP Connection Manager, the latest version of JDK 1.8.0 is also installed. As of JDK 1.8.0_71, Java no longer supports certificates that include an MD5-based digital signature algorithm. Thus any PCoIP Connection Manager installations performed with cm_setup.sh after the release of JDK 1.8.0 (Jan 19, 2016) will not support certificates that include an MD5-based digital signature algorithm, even though installations performed before that date do support those certificates.
Workaround:
To allow certificates that include an MD5-based digital signature algorithm until new certificates can be obtained, perform the following steps:
-
As root, open /etc/alternatives/jre_1.8.0/lib/security/java.security in an editor.
-
Locate the setting for jdk.certpath.disabledAlgorithms.
-
Remove MD5 from the list.
-
Save the file and exit.
-
Restart PCoIP Connection Manager.
PCoIP Connection Manager no longer supports certificates with RSA key lengths less than 1024 bits (40237)¶
If the broker or the PCoIP agent uses a certificate with an RSA key length less than 1024 bits, communication with the PCoIP Connection Manager will fail.
PCoIP Connection Manager does not work if PCoIP Security Gateway ExternalRoutableIP is not set (39455)¶
If /etc/SecurityGateway.conf is present but does not contain a setting for ExternalRoutableIP, the PCoIP Connection Manager may not work or clients may not be able to connect to the PCoIP Connection Manager, even if the connection manager is configured to not use the PCoIP Security Gateway.
Workaround:
If the PCoIP Connection Manager is configured to use the PCoIP Security Gateway, ensure that the ExternalRoutableIP setting in /etc/SecurityGateway.conf is configured to an IP address that clients can reach.
If the PCoIP Connection Manager is not configured to use the PCoIP Security Gateway, remove or rename /etc/SecurityGateway.conf.
Client fails to connect when ExternalRoutableIP is not configured (38140)¶
If the ExternalRoutableIP setting is not configured in /etc/SecurityGateway.conf, both the PCoIP Security Gateway and PCoIP Connection Manager will start up and appear to operate normally, but clients will not be able to connect to launched sessions.
Workaround:
Always ensure that the ExternalRoutableIP setting is properly configured in /etc/SecurityGateway.conf and ensure that it can be reached from the client network(s).
Administrator to perform or automate regular log file monitoring and cleanup (18701)¶
The PCoIP Connection Manager and Security Gateway do not provide a regular cleanup service for their log files. Log files can potentially fill all the storage space of the system if not monitored and cleaned up.
Workaround:
Configure the server to monitor the disk space usage and perform a regular clean-up. An example is provided on the PCoIP Connection Manager Reference VA at:
- /opt/Teradici/Management/bin/clean_logs.py
- /etc/cron.d/clean_logs
PCoIP Connection Manager does not support Internationalized Domain Names (IDNs) (5513)¶
The PCoIP Connection Manager does not support domain names that contain characters outside the standard ASCII subset defined by RFC 1035 and RFC 1123.
Workaround:
None