Friday, August 24, 2018

Minor Release: EJBCA 6.14.1

Hi folks, we'd like to send the summer off with a minor release based the latest version of EJBCA: 6.14.1
This minor primarily fixes some issues that some users reported when running EJBCA 6.14 on JBoss 7.1.1GA, due to some race conditions and library collisions in that particular version that didn't come up during testing. We also took the chance to fix some other minor issues that came up late during QA that we believe should hold you over for the time being. For a full list of new features and implemented improvements in EJBCA 6.14, see the EJBCA 6.14 Release Notes.
In other news, we've decided to release our ACME implementation before moving on to EJBCA 7.0, so you can look forward to seeing EJBCA 6.15 in the next few weeks. 
This minor release does not involve any upgrade steps or notable database changes. Read the EJBCA 6.14 Upgrade Notes for important information about the release. For upgrade instructions and information on upgrade paths, see Upgrading EJBCA.

Tuesday, August 7, 2018

Presenting EJBCA 6.14: A Plethora of Protocols

It's with no small amount of pride that we'd like to announce the release of EJBCA 6.14, one of the most feature rich releases to come out in a long while. Let's get straight to it, because we have quite a bit to discuss. 

New Features

EJBCA 6.14 introduces a ton of long awaited functionality primarily centered around protocols, to supplant our already extensive support for SCEP, CMP, EST and our homegrown WS API. 

The Certificate Management REST API

A long requested and requested feature is for EJBCA to support a spick and span new REST API, and EJBCA 6.14 introduces the first iteration of our Certificate Management REST Interface

Screenshot of the offline API documentation
So far we've only implemented basic certificate management methods, and we'll be slowly moving on with implementing more powerful features in the near future. 

You'll find the complete offline API as a part of our documentation here, or deployed locally with your EJBCA installation. For those of you wishing to integrate with EJBCA using REST we deploy Swagger on non-production installations in order to expose the API. Just like with all new protocols added to EJBCA, the REST API is disabled by default and needs to be manually activated. 
Sceenshot from the online Swagger UI

Complete Proxification of the EJBCA Web Services API 

A huge milestone for the EJBCA, we put in a huge effort into providing proxification for nearly all EJBCA WS calls. This means that CAs relying on communication with 3rd party applications can now be placed behind an outgoing-only firewall, with communications being relayed through an EJBCA RA. 

Roadmap Update

We're now looking forward to Q3 and EJBCA 7.0, which will be our next Common Criteria candidate. In doing so our goal is to make the complete technology leap from JSP to JSF in our CA UI, a first step to greatly improving the usability of EJBCA. Be also aware that EJBCA 7.0 will drop support for JDK7, so if you haven't upgraded to JDK8 or later yet we strongly recommend doing so. EJBCA 7.0 will also hopefully provide full support for the ACME protocol. 

Mike Agrenius Kushner
Product Owner, EJBCA