Menu

EJBCA Community 6.1.1 Released

This is a maintenance release with new features, bug fixes and improvements. In all 32 issues have been fixed.
The biggest news in this release are support for EAC 2.10 access control templates, more OCSP improvements as
well as improvements for Key Recovery.

  • Noteworthy changes:
  • OCSP improvements and new features related to RFC 6960, minimizing size of OCSP responses (see note below).
  • Implemented OCSP signing algorithm including client requested algorithms.
  • CVC certificate profiles (ePassport PKI) now supports EAC 2.10 access control templates.
  • Improvements to Key Recovery enabling encryption key rollover and providing more information about encryption keys.
  • Windows build/install is now working.
  • ManagementCA created during a default install now uses SHA256WithRSA.
  • EJBCA now compiles (deployment/running not supported however) on WildFly 8 and Glasshish 4, also using Java 8.
  • EJBCA can now use certificate serial number longer than 64 bits.
  • Minor improvements and fixes to make life easier for everyone.

Note 1: OCSP responses no longer includes the Root CA Certificate, unless the Root CA is the OCSP signer, and it is configured to
include the signer certificate. Having OCSP responses as small as possible is an important performance feature, and since the
client must have the root certificate as trusted there is no need to include the root certificate in the chain.

Note 2: In EJBCA 6.1.0 the Public Web interface logo filename was changed. If you have customized your own logo, you need to rename
the logo filename from 'logotype.png' or 'ejbca_pki_by_primekey_logo.png' to 'banner_ejbca-public.png'.

Read the full Changelog for details.
For upgrade instructions, please see UPGRADE.

Posted by Tomas Gustavsson 2014-04-07

Log in to post a comment.