As a part of "Pega Security Advisory - Apache Log4j - Vulnerability Hotfixes for Pega 8.6 "
When we tried to import using hot fix manager from UI, getting below error message
Signature verification failed for DL-7577_HF-54923.zip: Failed to verify signatures:
@Bharath Suntigikar we also got same error while importing these hfixes.Set hotfixmanager/enableRevocation DSS to false and it will work.
@Bharath.Suntigikar Setting this DSS is a workaround that disables a security feature in the product. It is not the correct solution to this environment hot fix installation issue.
Hi @CelesteDufresne_GCS - If setting up the DSS value is not the process as it disables the security feature, can you please suggest the right steps to be followed for the same.
@Subin Jerald https://docs.pega.com/bundle/platform/page/platform/deployment/hotfixes-verify-authenticity.html this mentions different ways to solve this problem. One of them is of course to set the DSS to false