Wednesday, January 25, 2012

EJBCA 5.0.2 released, delivered for Common Criteria Certification

23 January 2011 - Stockholm, Sweden

Primekey proudly presents the 5.0.2 maintenance release of EJBCA. This release is the candidate for Common Criteria for Information Technology Security Evaluation (Common Criteria) certification, and a majority of the effort for this release has been devoted to addressing issues to meet Common Criteria's exacting standards.

Quite some effort was also put into stabilizing the 5.0.x release for production use, including improvements of performance and usability.

EJBCA 5.0.2 Release Notes

A maintenance release containing a couple of small features and many bug fixes. The following are a selection of the most noteworthy:

  • New features:

    • Support has been added for incorporating external plugins in the EJBCA EAR file at build time, allowing the addition of custom administrative capabilities and specialized RA systems.

  • Bug fixes:

    • The Web interface has been thoroughly audited and cleaned from XSS issues.

    • Authorization checks have tightened up in accordance to Common Criteria demands.

    • Audit logging has been improved and fixed where lacking.

Development continues beyond this version and all requests from the community are scheduled for EJBCA 5.0.3 or later releases.

More information is available at the project web site and the complete change log can be viewed in the issue tracker.

For more information, please contact:

Tomas Gustavsson, CTO, PrimeKey Solutions AB, tel: +46(0)707 42 10 96, e-mail:

PrimeKey Solutions AB

PrimeKey is the world's leading open source PKI (public key infrastructure) company, and founders and commercial force behind some of the most downloaded open source PKI projects – EJBCA and SignServer.

An open source security software pioneer, PrimeKey provides enterprise class solutions to key public and commercial sector clients worldwide. Organizations turn to PrimeKey's open source software platforms to implement security solutions (such as e-passports, product authenticity, document signing, digital signatures, unified digital identities) and their associated high speed and high availability validation.

PrimeKey's enterprise class integration, training and support services and dedication to open standards help customers achieve their organizational goals.

The EJBCA Project

EJBCA PKI is a Certification Authority and a complete enterprise PKI management system, delivered either as an integrable part or as a turnkey solution. EJBCA OCSP and EAC are sub functions of EJBCA PKI, and are used for on-line validation and ePassports.

EJBCA offers great advantages such as excellent cost-effectiveness, unmatched flexibility, complete integration – and full professional maintenance and support by PrimeKey.

No comments: