Release notes for IBM zSecure Secret Manager
These release notes provide announcements, important notices, and information about the initial availability of IBM® zSecure Secret Manager.
To run IBM zSecure Secret Manager, ensure that compatible versions of IBM Vault and the required supporting components are installed and available in your environment. IBM Vault Self-Managed for Z and LinuxONE is the recommended solution. For more information, see Install IBM zSecure Secret Manager.
IBM zSecure Secret Manager 3.2.0
IBM zSecure Secret Manager is now available.
This release introduces IBM zSecure Secret Manager, providing automated certificate renewal for RACF-managed certificates and secure integration with private certificate authorities.
IBM zSecure Secret Manager uses local providers to protect sensitive authentication data and remote providers to define connections to private certificate authorities. Certificate renewal behavior is controlled through policy-based configuration, enabling consistent and secure certificate lifecycle management.
- Installation and configuration guidance for system programmers and security administrators is available in Install IBM zSecure Secret Manager.
- To configure providers, secrets, and certificate renewal policies, see Getting started with IBM zSecure Secret Manager.
Before using IBM zSecure Secret Manager, complete the required environment setup and configuration as described in Install IBM zSecure Secret Manager.
Version 3.2.0 known limitations
- In RACF environments with a large number of certificates (more than 1000), the certificate renewal process in IBM zSecure Secret Manager can encounter performance and stability constraints during extended run times.
- If SMSVSAM terminates while the IBM zSecure Secret Manager started task is active, database operations are not retried automatically. After SMSVSAM is restarted, you must restart the IBM zSecure Secret Manager started task.
- Certificate renewal is not supported for a certificate owner if any personal certificate without an associated private key exists for that owner.