|
|
|
Posted
9 days
ago
by
nore...@blogger.com (tomas)
10 May 2013 — Stockholm, SwedenThe PrimeKey EJBCA team is happy to announce that EJBCA 4.0.15 has been released! This is a maintenance release — 5 issues have been resolved. The most noteworthy changes can be
... [More]
seen below.
EJBCA PKI *4.0.15* release notesA maintenance release containing 2 new features and 3 improvements.
New FeaturesIt is now possible to publish certificate serial number in LDAP using a custom LDAP schema.When creating link certificates, a certificate profile can now be used.ImprovementsTwo new fields (C and UID) added to end entity email notification, by David Carella.Debug log message when healthcheck fails, makes debugging easier.Bug fixesNo bugs found!Development continues beyond this version and all requests from the community are scheduled for EJBCA 4.0.16 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker. [Less]
|
|
Posted
about 1 month
ago
by
nore...@blogger.com (tomas)
3 April 2013 — Stockholm, SwedenThe PrimeKey SignServer team is happy to announce that SignServer 3.4.0 has been released! This is a major release – in total 27 features, options, bugs and stabilizations have been fixed
... [More]
or added. The most noteworthy changes can be seen below.
SignServer *3.4.0* release notesMajor changesSecure logging to database using CESeCore.Support for querying audit log from CLI, GUI and web services.Configurable which Status Repository updates to log.Access group for auditors.Database CLI for verifying audit log.Support for PostgreSQL. Bug fixesFixed a couple of NPE bugs.Fixed logging in over webservices using a JKS keystore in the Admin GUI.Fixed some randomly failing unit tests.Other minor bugfixes.Development continues beyond this version and all requests from the community are scheduled for SignServer 3.4.1 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker. [Less]
|
|
Posted
about 1 month
ago
by
nore...@blogger.com (tomas)
21 March 2013 — Stockholm, SwedenPrimekey proudly presents the 5.0.9 maintenance release of EJBCA. Quite some effort has been put into stabilizing the 5.0.x release for production, upgrade and audit use, including bug fixes and improvements
... [More]
of usability for issues discovered during production deployments.
EJBCA PKI *5.0.9* release notesA maintenance release containing improvements and a few bug fixes. The following are a selection of the most noteworthy:
New featuresCMP vendor certificate authorization.New publisher cache for better performance.New ClientToolbox command to batch generate keys.EJBCA now compiles and runs on JDK7.Bug fixesFixed an upgrade problem from 4.0.Fixed revocation of CAs not performing as expected in all circumstances.Fixed renewal not always persisting the keys.Other minor bugfixes and improvements.Development continues beyond this version and all requests from the community are scheduled for EJBCA 5.0.10 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker. [Less]
|
|
Posted
5 months
ago
by
nore...@blogger.com (tomas)
We are pleased to announce the release of EJBCA Enterprise version 5.0.8. This is a maintenance release with improvements and bug fixes. In all 12 issues have been fixed. * Noteworthy changes: - Private key is not longer
... [More]
needed to verify database protection using the ejbca-db-cli.
- Improved robustness of 'ejbca.sh ca importcertdir' command.
- It is now possible to obfuscate log signer key password.
- Fixed a but with CMP certificate authentication.
- Minor bugfixes.
These are all minor issues and improvement.
Regards,
PrimeKey EJBCA Team [Less]
|
|
Posted
5 months
ago
by
nore...@blogger.com (tomas)
We are glad to release version 4.0.13 of EJBCA to the Community. This is a maintenance release containing a few new features and improvements. In all 25 issues have been resolved. * Noteworthy changes: - New self-registration
... [More]
work-flow available in the public web.
- Added extended key usage for WiFi EAP authentication.
- Some build improvements to avoid issues on some platforms (no javascript, no jasper).
- More minor GUI improvements by David Carella of Linagora.
- Minor bug fixes.
The release do not contain any critical fixes, but is a natural step in improving the Community version of EJBCA.
The self-registration work-flow that first appeared in the EJBCA v5.0 Enterprise version has now also been released in EJBCA 4.0. Self registration has been a long standing request from the community and also some customers, and we a glad to say that it is now available in all active versions of EJBCA. Don't miss to try it out!
Get the new release from http://www.ejbca.org/.
Happy holidays,
PrimeKey EJBCA Team [Less]
|
|
Posted
7 months
ago
by
nore...@blogger.com (tomas)
We are pleased to announce that PrimeKey Solutions AB has successfully completed Common Criteria EAL4+ Certification of EJBCA version 5. The much awaited Common Criteria certificate, issued by ANSSI (Agence nationale de la sécurité des systèmes
... [More]
d’information), is an important milestone in EJBCAs 10+ years rich history of achievements.
With this formal evidence that EJBCA confirms to the rigorous security standards for Certificate Issuance and Management Systems, this Common Criteria certification benefits Primekey’s customers and partners, as well as the community, and strengthens EJBCA’s position as the top pick of secure Certificate Authority software around the world.
EJBCA is certified based on the CIMC Protection Profile (v1.0) at security level 3. The assurance level is EAL4+ (EAL4 augmented with ALC_FLR.2).
Beyond a Shadow of a DoubtDue to regulations and legislations, the Common Criteria EAL4+ Certification is often mandatory to reach the highest level of security requirements in computer software. The proof of achieved CC certification is a neccessity for EJBCA users who need to run mission critical PKI, and who will have their own software, solution or service, certified and audited for standards compliance, such as CWA and WebTrust. PrimeKey welcomes, of course, the certification as an additional proof that our EJBCA development adheres to the strictest security practices and enables us to reach out to customers that require formal certification.
“Our clients' projects often have to undergo own strict security certification and audit processes. This official proof of EJBCA's Common Criteria Certification will help them reach positive outcome, which sometimes is crucial for us in order to sign a new contract”, says CEO Konstantin Papaxanthis.
From now on, no organisation has to refrain from using EJBCA because of any particular security requirements. PrimeKey's customers can go straight ahead having their EJBCA based projects security evaluated and formally certified as audit compliant to the most demanding standards.
For more info on “EJBCA v.5” please visit www.primekey.se/.
The EJBCA community can also be assured that the development of EJBCA Community Edition follows the same certified development process.
About Common CriteriaThe Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard for computer security certification. Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner.
For more info on “Common Criteria” please visit www.commoncriteriaportal.org/.
About EJBCA PKIA serious enterprise class PKI, EJBCA is utilized as a Certification Authority, to build complete PKI infrastructures within organizations who issue certificates for different purposes, such as:
Strong authentication for users accessing your intranet/extranet/internet resources.Secure communication with SSL servers and SSL clients.Smart card logon.Signing and encrypting email.VPN connections by issuing certificates to your VPN routers.Client VPN access with certificates in users VPN clients.Secure logon to web applications (Single sign-on).Creating signed documents.Mobile PKI, like enrolling iOS.Secure mobile networks, i.e. 3GPP/LTE/4G using the CMP protocol.Counterfeit prevention.Issue national eIDs.Issue and inspect electronic passports, including EU EAC ePassports.... and many many more ...For more info on “EJBCA” please visit www.ejbca.org/. [Less]
|
|
Posted
8 months
ago
by
nore...@blogger.com (tomas)
The PrimeKey SignServer team is happy to announce that SignServer 3.2.3 has been released! This is a maintenance release - in total 34 features, options, bugs and stabilizations have been fixed or added. Development
... [More]
continues beyond this version and all requests from the
community are scheduled for SignServer 3.2.4 or later releases.
More information is available at the project web site and the complete
changelog can be viewed in the issue tracker.
The most noteworthy changes can be seen below.
Major new features and improvements:
- Support for running SignServer without database
- Configurable to disable the key usage counter
- Signer certificate check in Health check for all Signers
- Check that the timestamp signer certificate is included in the
certificate chain
- Health check response of TimeStampSigner now considers status of time
source
- Down-for-maintenance support in Health check
- Support for supplying filename as request metadata
Bug fixes:
- Client CLI only supported 10 arguments on Windows
- Null value was inserted when removing last wsadmin on Oracle
- PDF Signature could not be larger than 15000 bytes
- Sample configuration for renewal worker not functional
- Various documentation updates
Notice:
- Same internal API changes has been done as part of DSS-528. If you
have custom code some changes might be required.
Regards,
The PrimeKey SignServer team [Less]
|
|
Posted
11 months
ago
by
nore...@blogger.com (tomas)
After 2 years of work, and 6 months of administrative waiting period CESeCore has finally received the final, signed, Common Criteria certification. Providing a certified component libraryBy June 2012 the CESeCore project fullfilled its
... [More]
primary purposes: to make the CESeCore Security Core 1); Common Criteria EAL 4+ certified and 2); publicly available for integration with enterprise applications.
Vendors aiming to attain their own Common Criteria certification will continue to draw significant benefits through the use of the fully approved CESeCore library, which greatly shortens and simplifies implementation of many important security functions.
The certified CESeCore has also taken PrimeKey's EJBCA Enterprise edition a steady leap forward towards its own final Common Criteria certification.
"When we created CESeCore, we added the most important security functions from certificate management, certificate validation and timestamping, into a re-usable Java Enterprise component library. And we worked patiently to have it Common Criteria certified! Anyone who needs these security functions no longer have to re-invent the wheel."
— Tomas Gustavsson, PrimeKey CTO
Certification detailsCESeCore is certified based on the CIMC Protection Profile (v1.0) at security level 3. The assurance level is EAL4+ (EAL4 augmented with ALC_FLR.2).
For those interested all details are available in the CESeCore Security Target.
EJBCA to be completedBuilding on the CESeCore, EJBCA 5.0 has already completed the evaluation for the Common Criteria evaluation at the same level. We are only awaiting the administrative process to receive the final certificate also for EJBCA. [Less]
|
|
Posted
12 months
ago
by
nore...@blogger.com (tomas)
4 Jun 2012 — Stockholm, Sweden Primekey proudly presents the 5.0.5 maintenance release of EJBCA. Quite some effort was put into stabilizing the 5.0.x release for production use, including bug fixes and improvements of usability for
... [More]
issues discovered during production deployments.
To find out how to access EJBCA 5 visit PrimeKey's PKI Shop.
EJBCA PKI *5.0.5* release notes
A maintenance release containing a couple of small features and many bug fixes. The following are a selection of the most noteworthy:
New features
Index recommendations have changed.CVC CAs can now be created from the Command Line Interface.EJBCA now supports Japanese localization.Overall performance increases.Removed redundant and excessive logging to audit logs.
Bug fixes
Fixed bug where recursive deny rules caused deny for system user.
Development continues beyond this version and all requests from the community are scheduled for EJBCA 5.0.6 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker. [Less]
|
|
Posted
12 months
ago
by
nore...@blogger.com (tomas)
Mobile ID is a open source new Android app for signatures and encryption developed by Nerd in Greece. It is still a beta version, but I though it might be interesting to know. It has been integrated with EJBCA so you can get a certificate easily. Development and further integration will also continue beyond this point. Also see press release.
|
Copyright
©
2013
Black Duck Software, Inc.
and its contributors, Some Rights Reserved. Unless otherwise marked, this work is licensed under a
Creative Commons Attribution 3.0 Unported License
. Ohloh
®
and the Ohloh logo are trademarks of
Black Duck Software, Inc.
in the United States and/or other jurisdictions. All other trademarks are the property of their respective holders.