Release Notes: WebCert is now UTF-8 clean and can handle international characters. Certificates in Japanese are now looking great. Specific start and end dates allow the creation of certs with a lifetime of minutes, or certs with future dates. SubjectAltName extensions expanded from two to four. Display functions were overhauled: text and PEM format is shown on a single page. Validation of remote servers can now display the remotely received certificate chains, i.e. the intermediate and root certificates. HTML code validates as "XHTML v1.0 transitional".
Release Notes: The new certificate validation function "certvalidate.cgi" allows the analysis of the signing certificate chain, both for a local certificate or for a remote server. The implementation of SubjectAltNames now allows the creation of multi-purpose certificates. The obsolete "Netscape Comment" extension for server certificates has been removed. Submitted certificate requests are now signed including their requested extensions. Since version 1.7.4, WebCert's version control has moved to Github.
Release Notes: The implementation of the "Extended Key Usage" attribute now allows the creation of certificates that require this extension. The following extended key usage types have been implemented through a new setting in the certificate verification screens: serverAuth, clientAuth, codeSigning, emailProtection, timeStamping, and ocspSigning.
Release Notes: An issue where the nasty P12 export function still created a zero byte P12 file when no private key was pasted at all was fixed. There is now an extra comment on the Web request form that the private key file is really needed for PKCS12 export.
Release Notes: The P12 export function failed when a private key was pasted with multiple trailing empty lines, creating a empty zero byte p12 file. A link for a S/MIME certificate creation how-to was added to help.
Release Notes: Generation of S/MIME certificates is fully supported. The new certexport.cgi convienently converts an existing PEM certificate into either DER or PKCS12 format. The certsearch.cgi function has been expanded to filter certificates by their serial number. The [Go Back] button in genrequest.cgi now correctly refers back to buildrequest.cgi instead of pointing to certrequest.cgi. The latest CGI were missing in the top level Makefile. The REQLEN parameter was too small for certificates with a 4096 bit key. A minor display bug in the HTML table of getcert.cgi was fixed.
Release Notes: The new CGI certsearch.cgi can search in all exisiting certificates, filtering the cert store per subject field, validation, or expiration date. This helps to identify certificates that are about to expire and renew them before they become invalid. Font cleanup was done in certverify.cgi and genrequest.cgi for a consistent look and feel.
Release Notes: certstore.cgi got a new column which displays how long the certificate is still valid. It is shown as a pseudo-graphical bar representing the percentage of time left compared to the certificate lifetime. A second entry shows the remaining time in a appropriate context. The selection to display a certificate either in PEM or TXT format has been added to certstore.cgi for quicker access.
Release Notes: Certificate options can be set: Client, Server, Signing, E-Mail, and CA. The certificate expiration date can now be set in days. If you want to experiment with a short validity, set days to 1. Expired certificates are now marked (red notifier in the list) by comparing their expiration date to the date of the WebCert host. This release has been verified to work with OpenSSL 0.9.8a.