All releases of EJBCA
Release Notes: This release fixes a bug reading large OCSP requests over HTTP 1.1 using chunked encoding. It fixes a few minor XSS issues. It fixes an issue where building the Validation Authority (VA) failed on specific platforms. The VA health-check URL is now what it is claimed to be in the property file. You will need to reconfigure devices monitoring this URL. This release documents EJBCA integration with Djigzo. It adds a plug-in build system. It has improved support for Chinese in the admin GUI.
Release Notes: This release corrects comparison of public keys in HSM and CA certificates, fixes regression during republishing, and adds many small bugfixes.
Release Notes: Improved CMP interoperability, and minor improvements and bugfixes. A bug that made it impossible to delete end entity profiles on certain databases and hsql (test database) in particular was fixed.
Release Notes: Performance optimizations were made, so it is now possible to issue over 400 certificates per second (depending on configuration). Certificate enrollment now also works with Safari and Chrome browsers. Support for PrivateKeyUsagePeriod certificate extension was added. A time zone bug issuing CVC certificates was fixed. More admin console and public Web improvements were made. The ISO8601 date format is now used consistently when entering dates in the admin console. Norwegian UNID numbers are automatically generated from CMP requests. Many small bug fixes and improvements were made.
Release Notes: In this release, the underlying framework has changed from Java Enterprise Edition 2 to 5. EJBCA 4 will constitute the solid base for EJBCA for the coming years. The database schema is well defined for all supported application servers and databases. You are now able to switch application server. The Ingres database is supported without patching. Numerous features and improvements were made. Reliability of EJBCA services was improved. Many small bug fixes and stabilizations were made.
Release Notes: It is now possible to easily upgrade from EJBCA 3.6.x to 3.11.x. A MySQL mapping using the MyISAM storage engine and UTF-8 encoding was fixed. The ETSI QC value limit can now have the value zero. The admin GUI was improved. A new favicon was provided for the EJBCA Web interfaces. An issue with cached end entity profiles was fixed. Session information spill-over to other edits when using the "Back to certificate profiles" link was fixed. An issue with using the required flag on Cardnumber in end entity profiles was fixed. This also resolved an issue where the DN field Unstructured Address did not work.
Release Notes: This release implements RFC4387. It adds extended information to edit user WS-API. It has a GUI application for batch-enrollment from CSR. The external OCSP responder is also a CRL Distribution point. Options to issue certificates without database storage. Supplies a custom certificate serial number over CMP in RA mode, Supports one CMP RA secret per CA. Adds SSH and MS code signing extended key usage. Optimizations, GUI improvements, and minor bugfixes.
Release Notes: An admin GUI error running on JBoss 5 was fixed. Some issues with audit and approvals when using admin certificates issued by an external CA were fixed. The admin GUI was harmonized and its looks were improved. Caches of profiles and CAs were added and improved. Performance was improved. A CLI for clearing caches was added. An installation issue was fixed on Windows when JBoss is installed in the root directory. Re-publishing of certificates when CertReqHistory is not used was fixed. CertReqHistory is enabled by default for new CAs. The German translation was updated. Unrevocation is supported using WS-API.
Release Notes: The ability to specify custom a certificate serial number for end entities was added along with the ability to configure a CA to not use CertReqHistory to increase performance. The admin GUI was harmonized and looks were improved. Many performance optimizations were made. More than 100 certificates can now be issued per second under certain conditions. An issue where the WS API did not work with external administrator certificates was fixed. Potential XSS vulnerabilities in the admin GUI were mitigated. A bug when creating CRLs for CAs with a single quote in the DN was fixed. There were other admin GUI improvements, with better error messages in some cases.
Release Notes: The fact that EAC CVC Document Verifiers using ECC keys did not work properly was fixed. The requirement to use “Batch generation” when using CMP RA mode was removed. A problem in which revocation in the admin GUI did not work with CAs using accented characters was fixed. Code was added to mitigate potential cross site scripting in the administration GUI. UTF-8 URI encoding was added for the public HTTP port.
