[Ejbca-develop] EJBCA 3.7.1 released

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

We are pleased to announce EJBCA 3.7.1.  This release primarily focuses 
on ePassport ECC support, but there are some other minor improvements in 
there too.

This is a minor release with major focus on enhancements to CVC CA 
support for EU EAC ePassport PKIs.
- Support for both RSA and ECC with all EAC algorithms.
- Interoperability fixes tested with other implementation at the Prague 
2008 event.
- Usability enhancements for CVC PKIs, for example download and import 
of binary certificates.
- Changes to the CVC cli to mimic the WS-API functions.
- Fixed that upgrade from 3.6 to 3.7 causes error when autogenerated 
password are used
- Other minor bugfixes.

Read the changelog for details.

This is a plug-in upgrade from 3.7.x. See UPGRADE for the simple 
instructions.
Because there are binary files in EJBCA_HOME/lib changed there is no 
patch file for upgrading
EJBCA 3.7.0 to 3.7.1. Use the full package from EJBCA 3.7.1 and follow 
the upgrade instructions in UPGRADE.

Changes:
New Feature
     * [ECA-896] - CVC support for EC keys
     * [ECA-925] - Import of external CA certificates
     * [ECA-940] - possibility to use an EC key stored on a HSM

Improvement
     * [ECA-748] - Order certificates in view certificates with newest first
     * [ECA-927] - CVC requests should not include CARef if null
     * [ECA-928] - cvcprint cli command should handle verification of 
authenticated requests
     * [ECA-934] - Possible to authenticate CVC request by outer CA 
signature
     * [ECA-941] - Possible to download CA certrequests and certs as binary
     * [ECA-942] - possible to receive certiifcate requests and certs in 
binary format
     * [ECA-946] - Not possible to create CVC link certificates with 
soft CA tokens
     * [ECA-947] - Making certificate request from a CA should ask for 
CA cert of target CA
     * [ECA-948] - cvcrequest cli command should not automatically add 
end entities
     * [ECA-951] - Possible to set sequence of catoken manually

Bug
     * [ECA-926] - CVC requests can be assigned to wrong CA when 
sequence is same
     * [ECA-930] - cert-cvc: authenticated requests does not include 
CARef in TBS
     * [ECA-931] - getrootcert cli command does not work for CVC 
certificates
     * [ECA-932] - CVC requests from SubCAs does not have the target CA 
as CARef
     * [ECA-939] - Upgrade 3.6 to 3.7 cases error when autogenerated 
password are used
     * [ECA-943] - NullPointer when clicking Sign Certificate Request
     * [ECA-944] - Import soft CVCA does not set sequence
     * [ECA-945] - Not possible to delete admin entities with ' in name
     * [ECA-949] - Make certificate request button should not be 
available for external CAs
     * [ECA-956] - NullPointerException in LdapPublisher when base node 
does not exist