In order to insure that the appropriate JSS is utilized by certificate system, update the version number from 4.2.5 to 4.2.6, and make certain that all PKI dependencies have been updated to require "jss >= 4.2.6".
Created attachment 346331 [details] JSS Spec file
Created attachment 346332 [details] jss_key_pair_usage_with_op_flags.patch
I have placed all of the i386 and x86_64 JSS rpms in FC8, FC9, and FC10 Dogtag yum repos: http://pki.fedoraproject.org/wiki/PKI_Download
The tarball being used is incorrect, it still contains JSS 4.2.5.
% tar xzf jss-4.2.6.tar.gz % grep JSS_VERSION jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssver.h #define JSS_VERSION "4.2.5"
Removed previously built i386 and x86_64 JSS rpms from FC9 and FC10 Dogtag yum repos since official versions for these platforms are now available via koji.fedoraproject.org. Rebuilt i386 and x86_64 JSS rpms for FC8 with correct tarball and updated patches, and replaced these RPMS in the FC8 Dogtag yum repos as release 2.