- #CISCO ISE 2.4 PATCH 5 RELEASE NOTES HOW TO#
- #CISCO ISE 2.4 PATCH 5 RELEASE NOTES SERIAL NUMBERS#
- #CISCO ISE 2.4 PATCH 5 RELEASE NOTES FULL#
The Certificate Management REST APIĪ long requested and requested feature is for EJBCA to support a spick and span new REST API, and EJBCA 6.14 introduces the first iteration of our Certificate Management REST Interface. It's with no small amount of pride that we'd like to announce the release of EJBCA 6.14, one of the most feature rich releases to come out in a long while.
#CISCO ISE 2.4 PATCH 5 RELEASE NOTES FULL#
For a full list of new features and implemented improvements in EJBCA 6.14, see the EJBCA 6.14 Release Notes. We also took the chance to fix some other minor issues that came up late during QA that we believe should hold you over for the time being. This minor EJBCA 6.14.1 release primarily fixes some issues that some users reported when running EJBCA 6.14 on JBoss 7.1.1GA, due to some race conditions and library collisions in that particular version that didn't come up during testing. Unchecking this property makes an extension available to be requested in the enrollment request but not necessary. The second addition is the Required property, which is by default checked. in the above example, any request containing an extension ending in. Firstly, we've added wildcards (identified by an '*') to the OID field, which allows a defined extension to match against any array of extensions defined in an incoming request (e.g. We've added two minor features to Custom Certificate Extensions. Wildcards for Custom Certificate Extensions
#CISCO ISE 2.4 PATCH 5 RELEASE NOTES HOW TO#
Our implementation has been verified against Certbot, PJAC and ACME Tiny, and our ACME documentation describes how to configure them. Naturally we've implemented it with full support for proxying communications over Peers through our RA, and support for multiple configurations using aliases as we do with other protocols. Nearly done by the release of 6.14 but not quite there, EJBCA 6.15's main feature is our support for the ACME protocol, up unto and including all mandatory features in draft 12. That said, we're sending off the last feature release of EJBCA 6 with a helluva bang: full support for the ACME REST protocol! ACME Support Version 6 of EJBCA is beginning to near its end, and the team are looking forward with great anticipation to be able to give you all a look at what's coming with EJBCA 7. The output of the CertSafe Publisher has been amended to include revocation time. Revocation Time added to CertSafe Publisher Just like we did for the Peer VA Publisher back in EJBCA 6.13, we've GDPR adapted the Legacy VA Publisher.īy enabling the new Don't store certificate meta data option at the bottom, VA publishing can be performed without writing any identifying information to the VA. SCP Publishing and VA Populationĭue to popular demand for an alternative to the Peer Publisher in environments where establishing a Peer Connection between CA and VA isn't an option, we've created the SCP Publisher, which publishes certificates and CRLs to a remote location over SCP.Ĭonversely, in order to import certificates and CRLs exported by the SCP Publisher a VA, we've implemented the Certificate and CRL Reader Service. The publisher also allows splitting referenced publishers into groups, which establishes parallel publishing queues. In order to facilitate for users administrating large numbers of publishers referenced in multiple certificate profiles, we've implemented the Multi Group Publisher.īy referencing Multi Group Publishers instead of the affected publishers directly, actions such as adding or removing VAs can quickly permeate throughout all affected certificate profiles. For more information, see EJBCA 6.15.2 Release Notes.
#CISCO ISE 2.4 PATCH 5 RELEASE NOTES SERIAL NUMBERS#
A major feature that we have backported to this release from EJBCA 7.0.1 is the SN issue highlighted recently in the Mozilla Security Policy forum regarding how EJBCA handles certificate serial numbers out of the box. This is the intended EOL release of EJBCA 6.15, and should fix all final issues remaining in the 6.15 branch for those of you not yet ready to move on to EJBCA 7.
![cisco ise 2.4 patch 5 release notes cisco ise 2.4 patch 5 release notes](https://www.ciscozine.com/wp-content/uploads/Cisco-ISE-Upgrade-Step-14.png)
This maintenance release resolves a potential security issue when using SCEP in RA mode. This link has now been removed from EJBCA 6.15.x. When listing role members in the CA UI ( Roles and Access Rules>Members), there was previously a link to view certificates, if the role member had a match value of X509: Certificate serial number. This maintenance release resolves several vulnerabilities found in EJBCA during penetration testing. The EJBCA Release Notes also include a change log, listing all issues resolved in the release and a cross-reference to our JIRA Issue Tracker for full details on issues resolved in the release. The following lists release notes for all EJBCA versions released.įor information on features and improvements implemented per release, see the EJBCA Release Notes.