EJBCA 4.0.16 released

The PrimeKey EJBCA team is happy to announce that EJBCA 4.0.16 has been
released! This is a maintenance release of the EJBCA Community version –
3 issues have been resolved. The most noteworthy changes can be seen below.
This maintenance release contains 1 new feature and 2 bugfixes.

• It is now possible to store the Base64 certificate data in a separate table. This can improve database scalability for massive scale PKIs with hundreds of millions of certificate.

• Fixed possible database rollback when CRL publishing failed.

• Fixed a possible exception viewing old log in the Admin GUI.

Please visit http://www.ejbca.org/ for more information.

SignServer 3.4.1 released

11 June 2013 — Stockholm, Sweden

The PrimeKey SignServer team is happy to announce that SignServer 3.4.1 has been released! This is a maintenance release – in total 19 features, options, bugs and stabilizations have been fixed or added. The most noteworthy changes can be seen below.

SignServer *3.4.1* release notes

• New features and improvements

  • Support for specifying the signature algorithm in CMS signer.
  • Added support for IPv6 and multiple proxies in ListBasedAddressAuthorizer.
  • Added an option to set the correct TSA name from the subject DN automatically for the time stamp signer.
  • Support for the signerCertificate attribute in the MS Authenticode time stamp signer.
  • Support for generating CSR with ECDSA explicit parameters in the admin GUI and the RenewalWorker.
  • Log worker name in the worker log.
  • Easy import of issuer and serial number from certificate in admin GUI, when adding administrator rules.
  • All workers report themselves as offline when misconfigured.
  • Added health check rate limiter.
  • Added database setup scripts for PostgreSQL.

• Bug fixes

  • ContentInfo contained a double encoded octet string in the MS Authenticode time stamp signer.
  • Unauthorized health check queries incorrectly logged.

Development continues beyond this version and all requests from the community are scheduled for SignServer 3.4.2 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker.

EJBCA 4.0.15 released

10 May 2013 — Stockholm, Sweden

The PrimeKey EJBCA team is happy to announce that EJBCA 4.0.15 has been released! This is a maintenance release — 5 issues have been resolved. The most noteworthy changes can be seen below.

EJBCA PKI *4.0.15* release notes

A maintenance release containing 2 new features and 3 improvements.

• New Features

  • It is now possible to publish certificate serial number in LDAP using a custom LDAP schema.
  • When creating link certificates, a certificate profile can now be used.

• Improvements

  • Two new fields (C and UID) added to end entity email notification, by David Carella.
  • Debug log message when healthcheck fails, makes debugging easier.

• Bug fixes

  • No bugs found!

Development continues beyond this version and all requests from the community are scheduled for EJBCA 4.0.16 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker.

SignServer 3.4.0 released

3 April 2013 — Stockholm, Sweden

The PrimeKey SignServer team is happy to announce that SignServer 3.4.0 has been released! This is a major release – in total 27 features, options, bugs and stabilizations have been fixed or added. The most noteworthy changes can be seen below.

SignServer *3.4.0* release notes

• Major changes

  • Secure logging to database using CESeCore.
  • Support for querying audit log from CLI, GUI and web services.
  • Configurable which Status Repository updates to log.
  • Access group for auditors.
  • Database CLI for verifying audit log.
  • Support for PostgreSQL. 

• Bug fixes

  • Fixed a couple of NPE bugs.
  • Fixed logging in over webservices using a JKS keystore in the Admin GUI.
  • Fixed some randomly failing unit tests.
  • Other minor bugfixes.

Development continues beyond this version and all requests from the community are scheduled for SignServer 3.4.1 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker.

EJBCA 5.0.9 released

21 March 2013 — Stockholm, Sweden

Primekey proudly presents the 5.0.9 maintenance release of EJBCA.
Quite some effort has been put into stabilizing the 5.0.x release for production, upgrade and audit use, including bug fixes and improvements of usability for issues discovered during production deployments.

EJBCA PKI *5.0.9* release notes

A maintenance release containing improvements and a few bug fixes. The following are a selection of the most noteworthy:

• New features

  • CMP vendor certificate authorization.
  • New publisher cache for better performance.
  • New ClientToolbox command to batch generate keys.
  • EJBCA now compiles and runs on JDK7.

• Bug fixes

  • Fixed an upgrade problem from 4.0.
  • Fixed revocation of CAs not performing as expected in all circumstances.
  • Fixed renewal not always persisting the keys.
  • Other minor bugfixes and improvements.

Development continues beyond this version and all requests from the community are scheduled for EJBCA 5.0.10 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker.

EJBCA 5.0.8 released

We are pleased to announce the release of EJBCA Enterprise version 5.0.8.

This is a maintenance release with improvements and bug fixes. In all 12 issues have been fixed.

* Noteworthy changes:
- Private key is not longer needed to verify database protection using the ejbca-db-cli.
- Improved robustness of 'ejbca.sh ca importcertdir' command.
- It is now possible to obfuscate log signer key password.
- Fixed a but with CMP certificate authentication.
- Minor bugfixes.

These are all minor issues and improvement.

Regards,
PrimeKey EJBCA Team

EJBCA 4.0.13 released

We are glad to release version 4.0.13 of EJBCA to the Community.

This is a maintenance release containing a few new features and improvements. In all 25 issues have been resolved.

* Noteworthy changes:
- New self-registration work-flow available in the public web.
- Added extended key usage for WiFi EAP authentication.
- Some build improvements to avoid issues on some platforms (no javascript, no jasper).
- More minor GUI improvements by David Carella of Linagora.
- Minor bug fixes.

The release do not contain any critical fixes, but is a natural step in improving the Community version of EJBCA.

The self-registration work-flow that first appeared in the EJBCA v5.0 Enterprise version has now also been released in EJBCA 4.0. Self registration has been a long standing request from the community and also some customers, and we a glad to say that it is now available in all active versions of EJBCA. Don't miss to try it out!

Get the new release from http://www.ejbca.org/.

Happy holidays,
PrimeKey EJBCA Team