If the CSP Compliance Manager appliance is deployed in a resource-constrained environment, the Discovery data source will not be configured automatically. If this happens, please contact Entrust support for a workaround.
When you upgrade the CSP Compliance Manager appliance, you might receive the following alert: "A support event has occurred." This is caused by some Linux services restarting during the upgrade and can be safely ignored.
When the CSP Compliance Manager node is restarted after connecting the KeySafe5 agent from CSP Vault, it may take up to 15 minutes for the KeySafe5 services to access the GUI. During that time, if you attempt to access the KeySafe5 GUI, you will see a service unavailable error.
When connected to the Cryptographic Security Platform Certificate Manager as a data source, you may see a cryptographic asset count mismatch between the Cryptographic Security Platform Certificate Manager and the Cryptographic Security Platform Compliance Manager. This is because the Certificate Manager does not count or show archived certificates, and the Cryptographic Security Platform Compliance Manager counts all certificates in the data source.
Compliance operation parameter values are not currently validated while the operation is being configured. Administrators are responsible for ensuring that parameter values are configured correctly as required for each operation.
When deploying on Azure, ensure that you select the correct size for your instance. If you select a smaller size, the Cryptographic Security Platform Compliance Manager may not function correctly. For more information on sizing, see the Deploying a Cryptographic Security Platform Compliance Manager Node in Azure section in the Installation and Upgrade Guide.
When you create a connection between Cryptographic Security Platform Compliance Manager and Cryptographic Security Platform Vault, a single node in the Cryptographic Security Platform Compliance Manager receives the data from the entire Cryptographic Security Platform Vault cluster. If that single node in the Cryptographic Security Platform Compliance Manager is removed or destroyed, you would need to create a new connection to reconnect to Cryptographic Security Platform Vault.
Cryptographic Security Platform Compliance Manager requires a CPU with AVX (Advanced Vector Extensions) support for the MongoDB database that is installed with our product. If you are using an older CPU, please check that it includes the AVX instruction set. For more information, see https://en.wikipedia.org/wiki/Advanced_Vector_Extensions#CPUs_with_AVX.
Note: If you are using VMware EVC (Enhanced vMotion Compatibility), you must ensure that the EVC mode that you selected supports the AVX instruction set.
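One way to check the AVX requirement from inside a Linux x86 guest on the target host or EVC cluster before deploying. This is an added example, not Entrust's own tooling: it assumes the standard Linux /proc/cpuinfo interface, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not vendor code): verify that every logical CPU the guest
# sees advertises AVX. Under VMware EVC the guest view is what matters,
# because the EVC mode can mask instructions the physical CPU supports.

# avx_missing_cpus [FILE]
# Prints how many logical CPUs have a "flags" line without the exact token
# "avx" (avx2 or avx512f on their own do not count). Prints "unknown" when
# the file has no "flags" lines, for example on a non-x86 system.
avx_missing_cpus() {
    awk -F: '
        /^flags[ \t]*:/ {
            total++
            found = 0
            n = split($2, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "avx") found = 1
            if (!found) missing++
        }
        END {
            if (total == 0) { print "unknown"; exit }
            print missing + 0
        }
    ' "${1:-/proc/cpuinfo}"
}

# check_avx [FILE]
# Returns 0 if all CPUs have AVX, 1 if any CPU lacks it, 2 if undetermined.
check_avx() {
    file=${1:-/proc/cpuinfo}
    if [ ! -r "$file" ]; then
        echo "cannot read $file"
        return 2
    fi
    result=$(avx_missing_cpus "$file")
    case "$result" in
        unknown) echo "no CPU flags found in $file; AVX support undetermined"; return 2 ;;
        0)       echo "AVX present on all logical CPUs"; return 0 ;;
        *)       echo "AVX missing on $result logical CPU(s)"; return 1 ;;
    esac
}

# Run against the live system; "|| true" keeps the script usable when sourced.
check_avx "${1:-/proc/cpuinfo}" || true
```

Run it again after changing the EVC mode, because the flags the guest sees can change with the selected baseline.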
Please ensure that port 443 is open to allow communication from CSP Vault to CSP Compliance Manager.
Cryptographic Security Platform Compliance Manager cannot validate that the Client ID and Client Secret are correct when you configure OIDC using IDaaS. If these values are incorrect, you will not be able to log in to Cryptographic Security Platform Compliance Manager. Please ensure that these values are correct before you save the configuration. We recommend that you copy and paste the values from the provider's page to avoid typos.
If you have a 3-node cluster with 2 nodes with a status of offline or unavailable, attempting to remove one of the nodes will fail with a server error. If this happens, please click the Multi-Select checkbox at the top right of the window, select both nodes, and then select Actions > Remove to remove them together.
For this release, we support up to 25 tenants.
- If you want to use KeySafe5 behind a load balancer, the CSP Compliance Manager node IP addresses must be accessible from the KeySafe5 client.
- KeySafe5 is not supported for Cloud installations, such as AWS, Azure, or GCP.
- Because the CSP Compliance Manager uses the name "secroot" for the system login, you cannot create any other users with the name "secroot".
- There is currently no licensing entitlement for nShield HSM.
- The following Single Sign-On use cases are not implemented in 10.5.3:
  - When navigating between Tenant Management and Appliance Management, you will need to reauthenticate by entering your credentials. This applies to all users except the "secroot" user.
  - You cannot use Single Sign-On across multiple browser tabs. Each tab requires its own authentication.