Release Notes: A new Crypto Token concept. Complete GUI support for configuring software and hardware security modules. CMP configuration in the GUI, supporting multiple different configurations through CMP Aliases. A new Internal Key binding concept merges the Certificate Authority and Validation Authority functionality. Support for Java 7 and JBoss 7. Support for OCSP extended revoked status compliant with RFC6960. OCSP RFC5019 responses with unknown response code are no longer cached. Support for OCSP archive cutoff date for expired certificates. Speedups when starting the command line interface.
Release Notes: This is a maintenance release containing a few new features and improvements. Noteworthy changes: the ability for External OCSP responder key renewal at absolute times. Certificate expiration notifier can now filter on certificate profiles, not only CAs. A publisher for sampling of issued certificates. User-friendly output of certificate profile dependencies when deletion can not be done. A new language tool for developers and localizers. OCSP rekeying now works on JBoss 6.1.0 and JBoss EAP5.
Release Notes: This release fixes a bug reading large OCSP requests over HTTP 1.1 using chunked encoding. It fixes a few minor XSS issues. It fixes an issue where building the Validation Authority (VA) failed on specific platforms. The VA health-check URL is now what it is claimed to be in the property file. You will need to reconfigure devices monitoring this URL. This release documents EJBCA integration with Djigzo. It adds a plug-in build system. It has improved support for Chinese in the admin GUI.
Release Notes: This release corrects comparison of public keys in HSM and CA certificates, fixes regression during republishing, and adds many small bugfixes.
Release Notes: Improved CMP interoperability, and minor improvements and bugfixes. A bug that made it impossible to delete end entity profiles on certain databases and hsql (test database) in particular was fixed.
Release Notes: Performance optimizations were made, so it is now possible to issue over 400 certificates per second (depending on configuration). Certificate enrollment now also works with Safari and Chrome browsers. Support for PrivateKeyUsagePeriod certificate extension was added. A time zone bug issuing CVC certificates was fixed. More admin console and public Web improvements were made. The ISO8601 date format is now used consistently when entering dates in the admin console. Norwegian UNID numbers are automatically generated from CMP requests. Many small bug fixes and improvements were made.
Release Notes: In this release, the underlying framework has changed from Java Enterprise Edition 2 to 5. EJBCA 4 will constitute the solid base for EJBCA for the coming years. The database schema is well defined for all supported application servers and databases. You are now able to switch application server. The Ingres database is supported without patching. Numerous features and improvements were made. Reliability of EJBCA services was improved. Many small bug fixes and stabilizations were made.
Release Notes: It is now possible to easily upgrade from EJBCA 3.6.x to 3.11.x. A MySQL mapping using the MyISAM storage engine and UTF-8 encoding was fixed. The ETSI QC value limit can now have the value zero. The admin GUI was improved. A new favicon was provided for the EJBCA Web interfaces. An issue with cached end entity profiles was fixed. Session information spill-over to other edits when using the "Back to certificate profiles" link was fixed. An issue with using the required flag on Cardnumber in end entity profiles was fixed. This also resolved an issue where the DN field Unstructured Address did not work.
Release Notes: This release implements RFC4387. It adds extended information to edit user WS-API. It has a GUI application for batch-enrollment from CSR. The external OCSP responder is also a CRL Distribution point. Options to issue certificates without database storage. Supplies a custom certificate serial number over CMP in RA mode, Supports one CMP RA secret per CA. Adds SSH and MS code signing extended key usage. Optimizations, GUI improvements, and minor bugfixes.
Release Notes: An admin GUI error running on JBoss 5 was fixed. Some issues with audit and approvals when using admin certificates issued by an external CA were fixed. The admin GUI was harmonized and its looks were improved. Caches of profiles and CAs were added and improved. Performance was improved. A CLI for clearing caches was added. An installation issue was fixed on Windows when JBoss is installed in the root directory. Re-publishing of certificates when CertReqHistory is not used was fixed. CertReqHistory is enabled by default for new CAs. The German translation was updated. Unrevocation is supported using WS-API.