Tuesday, August 7, 2018

Presenting EJBCA 6.14: A Plethora of Protocols

It's with no small amount of pride that we'd like to announce the release of EJBCA 6.14, one of the most feature rich releases to come out in a long while. Let's get straight to it, because we have quite a bit to discuss. 

New Features

EJBCA 6.14 introduces a ton of long awaited functionality primarily centered around protocols, to supplant our already extensive support for SCEP, CMP, EST and our homegrown WS API. 

The Certificate Management REST API

A long requested and requested feature is for EJBCA to support a spick and span new REST API, and EJBCA 6.14 introduces the first iteration of our Certificate Management REST Interface

Screenshot of the offline API documentation
So far we've only implemented basic certificate management methods, and we'll be slowly moving on with implementing more powerful features in the near future. 

You'll find the complete offline API as a part of our documentation here, or deployed locally with your EJBCA installation. For those of you wishing to integrate with EJBCA using REST we deploy Swagger on non-production installations in order to expose the API. Just like with all new protocols added to EJBCA, the REST API is disabled by default and needs to be manually activated. 
Sceenshot from the online Swagger UI

Complete Proxification of the EJBCA Web Services API 

A huge milestone for the EJBCA, we put in a huge effort into providing proxification for nearly all EJBCA WS calls. This means that CAs relying on communication with 3rd party applications can now be placed behind an outgoing-only firewall, with communications being relayed through an EJBCA RA. 

Roadmap Update

We're now looking forward to Q3 and EJBCA 7.0, which will be our next Common Criteria candidate. In doing so our goal is to make the complete technology leap from JSP to JSF in our CA UI, a first step to greatly improving the usability of EJBCA. Be also aware that EJBCA 7.0 will drop support for JDK7, so if you haven't upgraded to JDK8 or later yet we strongly recommend doing so. EJBCA 7.0 will also hopefully provide full support for the ACME protocol. 

Cheers!
Mike Agrenius Kushner
Product Owner, EJBCA