All releases of WebCert
Release Notes: The implementation of the "Extended Key Usage" attribute now allows the creation of certificates that require this extension. The following extended key usage types have been implemented through a new setting in the certificate verification screens: serverAuth, clientAuth, codeSigning, emailProtection, timeStamping, and ocspSigning.
Release Notes: An issue where the nasty P12 export function still created a zero byte P12 file when no private key was pasted at all was fixed. There is now an extra comment on the Web request form that the private key file is really needed for PKCS12 export.
Release Notes: The P12 export function failed when a private key was pasted with multiple trailing empty lines, creating a empty zero byte p12 file. A link for a S/MIME certificate creation how-to was added to help.
Release Notes: Generation of S/MIME certificates is fully supported. The new certexport.cgi convienently converts an existing PEM certificate into either DER or PKCS12 format. The certsearch.cgi function has been expanded to filter certificates by their serial number. The [Go Back] button in genrequest.cgi now correctly refers back to buildrequest.cgi instead of pointing to certrequest.cgi. The latest CGI were missing in the top level Makefile. The REQLEN parameter was too small for certificates with a 4096 bit key. A minor display bug in the HTML table of getcert.cgi was fixed.
Release Notes: The new CGI certsearch.cgi can search in all exisiting certificates, filtering the cert store per subject field, validation, or expiration date. This helps to identify certificates that are about to expire and renew them before they become invalid. Font cleanup was done in certverify.cgi and genrequest.cgi for a consistent look and feel.
Release Notes: certstore.cgi got a new column which displays how long the certificate is still valid. It is shown as a pseudo-graphical bar representing the percentage of time left compared to the certificate lifetime. A second entry shows the remaining time in a appropriate context. The selection to display a certificate either in PEM or TXT format has been added to certstore.cgi for quicker access.
Release Notes: Certificate options can be set: Client, Server, Signing, E-Mail, and CA. The certificate expiration date can now be set in days. If you want to experiment with a short validity, set days to 1. Expired certificates are now marked (red notifier in the list) by comparing their expiration date to the date of the WebCert host. This release has been verified to work with OpenSSL 0.9.8a.
No changes have been submitted for this release.
