[Ejbca-develop] EJBCA Community 6.10.1.2 released

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi everyone,

The EJBCA Team is very pleased to release EJBCA Community 6.10.1.2.

This is a major upgrade providing lots of new features as well as many
large and small improvements and bugfixes.

You can get it directly from the EJBCA homepage <https://www.ejbca.org/>.

The absolutely largest user noticeable feature is the introduction of a
completely new RA UI, scheduled to deprecate the old Public Web as
described here:
Roadmap Update EJBCA 7 and what lies in store
<http://blog.ejbca.org/2018/02/roadmap-update-ejbca-7-and-what-lies-in.html>.

The new RA UI is a major step up of RA capability in EJBCA and is
described in depth in a four part blog post series:

  * Introducing the EJBCA RA, Part 1: Introduction
    <http://blog.ejbca.org/2017/06/introducing-ejbca-ra-part-1-introduction.html>
  * Introducing the EJBCA RA, Part 2.1: Migrating from the Public Web
    <http://blog.ejbca.org/2017/07/introducing-ejbca-ra-part-21-migrating.html>
  * Introducing the EJBCA RA, Part 2.2: Migrating from the Public Web
    (continued)
    <http://blog.ejbca.org/2017/07/introducing-ejbca-ra-part-22-migrating.html>
  * Introducing the EJBCA RA, Part 3: Architecture of an RA Proxy
    <http://blog.ejbca.org/2017/10/introducing-ejbca-ra-part-3.html>

Apart from this feature there are many other features worth highlighting
such as:
- Support for Service Name in certificates (RFC 4985
<https://www.ietf.org/rfc/rfc4985.txt>)
- Support for XMPP Client certificates (RFC 6120
<https://www.ietf.org/rfc/rfc6120.txt>)
- Support for ID on SIM (RFC 4683 <https://www.ietf.org/rfc/rfc4683.txt>)
- Support for RegisteredID in the SAN
- Functional enhancements to the CMP protocol
<https://www.ietf.org/rfc/rfc4210.txt> and CMP aliases, including CMP
central key generation
- Option to keep revoked expired certificates on CRLs
- Fine grained validity period configuration, down to minutes as well as
- ability to configure certain days when certificates can not expire
- A new ejbca-setup quick setup script
<https://www.ejbca.org/docs/installation.html#Quick%20Start%20Guide> for
Linux
- Ability to limit OIDs that are acceptable in Extension Override
- A completely new Role system
<https://www.ejbca.org/docs/userguide.html#Administrator%20Roles> that
is easier to manage, including role management in the RA UI
- A new Validator
<https://www.ejbca.org/docs/adminguide.html#Validators> concept,
allowing Key Validation to be performed before certificates are issued
(as well as CAA validation in Enterprise for example)
- Security hardening and other security improvements
- And a lot more which don't fit into this limited space...

The full changelog between the old and the new Community release can be
seen in the Sourceforge download directory
<https://sourceforge.net/projects/ejbca/files/ejbca6/ejbca_6_10_0/>.
or download directly
<https://sourceforge.net/projects/ejbca/files/ejbca6/ejbca_6_10_0/README/download>.

We have also ensured that upgrades from older version of EJBCA is still
possible, and documented this in:
The Definitive EJBCA Upgrade Guide
<http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html>

In all we are very proud of this release and you should notice some
large enhancements and a lot of new functions. If there was anything you
missed in the last release,
there is a good chance you will find it in the new release.

Regards,
The EJBCA Team
-- 
RSA Conference 2018
------------------------------------------------------------------
San Francisco | April 16-20 | Moscone Center
Come visit us in booth #1518 at RSA Conference 2018!

Want a free expo pass?
Go to https://www.rsaconference.com/events/us18/register
and use the code: X8EPRIME