The release of XCA 0.6.3 comes with an options dialog where
the following settings can be adjusted per database:
The default hash-algo can be set to SHA1 for all users with clients
that can not handle the current default of SHA256. Additionally a list of mandatory
distinguished name entries can be set to get warned if one of them is empty
during certificate rollout.
Usually xca takes care that a key is only used once.
Some people asked my to help them shooting themselves into the foot,
so I added an option to use keys more than once.
The internal handling of umlauts was moved to UTF8.
It may be possible that some of your key and certificate internal names
show rubish where non 7bit ASCII characters have been. This is
no issue, since you can easily rename the items in question. This will not change
Since version 0.6.0 the distinguished name fields are more informational.
One line with an RFC2253 representation of the DN was added and all
single fields show their type in the bubble-help.
An undelete feature was added to undelete any items as long as the database
A general PEM import function was added to autodetect the content of the PEM file
and load it into the database if desired.