Tuesday, December 27, 2011

EJBCA 4.0.7 released

EJBCA PKI 4.0.7 was released as a Christmas gift on the 25th of December 2011.

A maintenance release containing 6 bug fixes and 4 new features or improvements.
New features
  • Documented EJBCA integration with the secure email server Djigzo.
  • Added a plug-in build system.
Bug fixes
  • Fixed an error reading large OCSP requests in some cases.
  • Fixed a few minor XSS issues.
  • Fixed a build issue of the Validation Authority on some platforms.
  • Improved support for Chinese in the admin console.

Development continues beyond this version and all requests from the community are scheduled for EJBCA 4.0.8 or later releases.

More information is available at the project web site and the complete changelog can be viewed in the issue tracker.

Wednesday, December 21, 2011

SignServer 3.2.1 released

SignServer v 3.2.1 was recently released. The server side (PKI) document signature server gained a lot of improvements to PDF digital signing.
Secure PDF documents are a lot more complex than you'd think at first. There are a lot of security options, and several passwords and mechanisms to protect the various security aspects.

Major new features and improvements
  • Improved servlet error handling.

  • Deploy documentation with application.

  • Improved API for archiving.

  • Support for signing PDFs with document restrictions.

  • Support for: PDF permissions enforcement; modification of PDF permissions; setting PDF permission passwords.

  • Refuse to certify PDFs already certified and refuse to sign when signing is not
    allowed.

Bug fixes
  • Remote EJB worker interface could not be used with ECC with explicit parameters.

  • Warnings printed on STDERR.

  • Web service interface did not log XFORWARDEDFOR headers.

  • Typo in sample configuration for PDFSigner.

  • Setting healthcheck properties had no effect.

  • CRL download should close streams correctly and allow for caching.

  • Supplied username and password ignored in SigningAndValidationWS.

  • Unit tests failed in certain situations.

  • Ant target for testing individual tests did not work.

  • Switching application server type did not update jndi.properties.

  • JavaDoc failed to build.

SignServer 3.2.1 is a great tool to digitally sign and secure different types of documents. And of course it integrates well with EJBCA.

Thursday, December 1, 2011

EJBCA - Djigzo integration

The Djigzo email encryption gateway has a new release out with easy integration with EJBCA.

Basically it allows an email encryption gateway to automatically connect to EJBCA for certificate management. This makes it possible for a truly transparent, for users, email encryption solution.

For more info see the Guide at EJBCA.org.

You can also read the full EJBCA Setup Guide over at Djigzo.com.

EJBCA 4.0.6 released

Old news by now, but I'm travelling in Asia...

It is only a minor release, but it's good to have the blog complete :-)

The PrimeKey EJBCA team is happy to announce that EJBCA 4.0.6 has been released! This is a maintenance release — 4 issues have been resolved. The most noteworthy changes can be seen below.
EJBCA 4.0.6 release notes

A maintenance release containing 3 bug fixes and 1 new feature.

New features:
  • CMP, Implement message type KeyUpdateRequest.
Bug fixes:
  • Fixed importing empty CRL via CLI.
  • Fixed minor CMP and XSS issues.

Development continues beyond this version and all requests from the community are scheduled for EJBCA 4.0.7 or later releases.

More information is available at the project web site and the complete changelog can be viewed in the issue tracker.