Sunday, May 22, 2011

EJBCA 4.0.2 released

We are proud to release EJBCA 4.0.2. This release brings many optimizations and improvements to EJBCA 4.0. We regard this as the best version of EJBCA to date, setting new performance records as well as improving on the already extensive feature set. A thorough time for QA also assures that this should be one of the most stable releases in production for the coming months.

In all 44 issues have been resolved.

Noteworthy changes:
  • Internal optimizations makes this the fastest version of EJBCA ever, capable of issuing > 400 certificates/second (depending on configuration).
  • Certificate enrollment now works also with Safari and Chrome browsers and Android 2.3.4.
  • Support for PrivateKeyUsagePeriod certificate extension.
  • Fixed a time zone bug issuing CVC certificates where the date was encoded using local timezone instead of GMT in certificates.
  • More admin console and public web improvements from David Carella of Linagora.
  • Now uses ISO8601 date format consistently when entering dates in admin console.
  • Automatic generation of Norwegian UNID numbers from CMP requests.
  • Many small bug fixes and improvements.

The ISO8601 date format (yyyy-MM-dd HH:mm:ssZZ) is used in the Admin GUI and EJBCA WS interface,
so clients no longer have to be aware of in what time zone the CA servers are located.
The old format (in US Locale) will still work for incoming requests in the WS, but any returned
UserDataVOWS containing custom start and end date will use the new format.

Read the full Changelog for details.

The PrimeKey EJBCA Team

Tuesday, May 3, 2011

EJCBA 3.11.2 released

The PrimeKey EJBCA team is happy to announce that EJBCA 3.11.2 has been released! This is a maintenance release – 23 issues have been resolved. The most noteworthy changes can be seen below.
EJBCA 3.11.2 is a maintenance release in the 3.11 branch of EJBCA. The main release branch of EJBCA is the 4.0 branch, where 4.0.1 has been released, and 4.0.2 is upcoming.

EJBCA 3.11.2 Release Notes

Improvements and new features:
  • Increased algorithm support on PKCS11 HSMs.
  • Added a webservice based RA written by Daniel Horn.
  • It is now possible to disable the command line interface.
  • There are new commands to import CRLs and certificates which are useful when migrating to EJBCA.
  • Documented the fact that External OCSP does not run on JBoss 5.x.
  • Added GlassFish database schema for Oracle.
  • Added a webservice call for retrieving CA path.
Bug fixes:
  • Removed some unelegant error messages from the GUI.
  • Removed a bug that sometimes caused a day longer validity of certificates due to day light savings.
  • Fixed bug which prevented revokation after upgrading from EJBCA 3.4.x.
  • Fixed a bug causing some information to not be logged during WS calls.
  • Fixed a bug preventing revoked certificates to be republished to the VA server.
  • Republish button now works with special characters and without certificate request history.

Development continues beyond this version and all requests from the community are scheduled for EJBCA 3.11.3 or later releases.

More information is available at the project web site and the complete changelog can be viewed in the issue tracker.