This is a maintenance release with in total 13 tickets resolved.
The most noteworthy changes can be seen below. Development continues beyond this version and all requests from the community are scheduled for SignServer 3.4.3 or later releases. More information is available at the project web site and the complete changelog can be viewed in the issue tracker.
Major new features and improvements:
- Uses PKCS#11 crypto token implementation from the Common Criteria certified CESeCore
- Support for starting audit log verification from a specified sequence number
- Option to archive all X-Forwarded-For addresses
- Option to include the ordering field in time-stamp tokens even if the
- field has value false
- Option to not include the signingTime CMS attribute in time-stamp signer
- Option to cache PKCS#11 key reference to increase performance
- Includes IssuerSerial in the SigningCertificate attribute in
- time-stamp signer
- HSM auto activation was not working when signed audit log were used
- Key generation was not working with slotListIndex
- ClientCLI over web services was not working unless includemodulesinbuild was specified
The PrimeKey SignServer team