Issues Resolved in 7.0.0
Released on February 7th 2019
New Features
ECA-3076 - Detect and audit log when an administrator logs out of the CA Web UI
ECA-6777 - Create new DB column for storing CSR in CertificateData
ECA-7225 - Note in approvals that values have been changed from the default
ECA-7256 - Allow the creation of unenrolled EEs from the RA Web
ECA-7339 - PSD2 ASN.1 module and API code
ECA-7383 - Core API support for multi-value RDN and End Entity Profile validation of multi-value RDNs
ECA-7401 - Implement ConfigDump export for MultiGroupPublisher
ECA-7413 - Add SHA348withRSAandMGF1 and SHA512withRSAandMGF1 to the list of selectable signature algorithms
ECA-7414 - Make EJBCA build with Java 11
ECA-7419 - Can't paste ACME root anchor with tabs
ECA-7440 - Configdump exports parts of ACME configuration even if excluded
ECA-7444 - User Data Source access control does not let superadmins select "Any CA"
ECA-7470 - Possibility to add array values in edit CA CLI
ECA-7539 - Add subcommand to clientToolBox to interact with database over pure JDBC
ECA-7556 - ClientToolBox command for running a health check
ECA-7562 - Add WS CLI method to get remaining number of approvals
ECA-7586 - Implement a session timeout from the CA Web UI
Improvements
ECA-3724 - Convert Certificate Profiles pages to JSF
ECA-4348 - Remove remaining NetID integration code
ECA-4377 - CertTools.isCertificateValid logging refers to OCSP.
ECA-4630 - Convert Edit End Entity Profile page to JSF
ECA-5804 - Make ApprovalSessionTest less timing sensetive
ECA-5851 - Convert Certificate Authority pages to JSF
ECA-5932 - Upgrade bundled Hibernate jars
ECA-6210 - Stop using Ejb3Configuration in DatabaseSchemaScriptCommand
ECA-6801 - Convert EJBCA Home page to JSF
ECA-6802 - Convert CA Activation Page to JSF
ECA-6803 - Convert CA Structure & CRLs page to JSF
ECA-6804 - Convert Edit Crypto Tokens page to XHTML
ECA-6805 - Convert Manage Crypto Tokens page to XHTML
ECA-6806 - Convert Manage Publishers page to JSF
ECA-6807 - Convert Edit Publishers page to JSF
ECA-6808 - Convert Manage End Entity Profiles page to JSF
ECA-6810 - Convert Manage User Data Sources page to JSF
ECA-6811 - Convert Edit User Data Source page to JSF
ECA-6812 - Convert Manage Hard Token Issuers page to JSF
ECA-6813 - Convert Edit Hard Token Issuers page to JSF
ECA-6816 - Convert Manage Approval Profiles page to XHTML
ECA-6817 - Convert Edit Approval Profile page to XHTML
ECA-6818 - Convert Audit Log page to XHTML
ECA-6819 - Convert Manage Keybindings page to XHTML
ECA-6820 - Convert Edit Keybindings page to XHTML
ECA-6821 - Convert Manage Peer Connectors page to XHTML
ECA-6822 - Convert Edit Peer Connectors page to XHTML
ECA-6824 - Convert Manage Services page to XHTML
ECA-6825 - Convert Edit Services page to XHTML
ECA-6826 - Convert Manage CMP Aliases page to JSF
ECA-6827 - Convert Edit CMP Alias page to JSF
ECA-6828 - Convert Manage EST Aliases page to JSF
ECA-6829 - Convert Edit EST Alias page to JSF
ECA-6830 - Convert Manage SCEP aliases page to XHTML
ECA-6831 - Convert Manage SCEP alias page to XHTML
ECA-6832 - Convert System Configuration page to XHTML
ECA-6833 - Convert Preferences page to JSF
ECA-7263 - Remove "Administration" title from CA UI
ECA-7276 - Database CLI import from XML format
ECA-7284 - Fix broken web tests for JSF conversion
ECA-7289 - Improvements to Certificate Transparency section in certificate profiles
ECA-7292 - Add proper error handling for JSF
ECA-7298 - EJBCA CLI's "Merge CA Tokens" leaves unused crypto tokens behind
ECA-7312 - Increase initial size of ProtectionStringBuilder for Certificate Profiles to avoid unessecary warnings in debug log
ECA-7313 - Change mime type for CRLs from application/x-x509-crl to application/pkix-crl as defined in RFC5280
ECA-7314 - Implement "Custom Certificate Extension Data" field for RA enrollment
ECA-7315 - findCertificatesByExpireTime API calls, CLI and RA UI, should not return already expired certificates
ECA-7317 - SCEP error messages when CA can not be found are not complete
ECA-7325 - Extend tests for Custom Certificate Extensions
ECA-7327 - Convert viewcainfo.jsp and viewcertificate.jsp popUps to jsf
ECA-7334 - Review End Entity Profiles UI Tests
ECA-7343 - Refactor org.ejbca.webtest.helper.CaHelper
ECA-7344 - Refactor org.ejbca.webtest.helper.AdminRolesHelper
ECA-7348 - Introduce a CaStructureHelper for UI tests
ECA-7355 - Review Convert CA Structure & CRLs UI tests
ECA-7356 - Introduce an ApprovalProfilesHelper for UI tests
ECA-7357 - Review Approval Profiles UI tests
ECA-7362 - Review Administrator Roles UI Tests
ECA-7365 - Add a Jenkins job for EJBCA UI Tests
ECA-7367 - Acme must be in status unavailable under System Configuration (community edition)
ECA-7371 - Usage of sun.security.pkcs11 is not allowed when compiling in Java 11
ECA-7375 - Crypto Tokens page messages are displayed twice.
ECA-7380 - Missing space between 'Title' and '?' in Manage Crypto Tokens page
ECA-7421 - configdump module's unit tests are not collected by Jenkins unit tests job 'EJBCA_TRUNK_UNIT_PUPPET'
ECA-7423 - Failing tests of org.ejbca.configdump.core.ConfigdumpCoreUnitTest
ECA-7437 - Clean up unused imports, parameterize, remove unused variables ect.
ECA-7456 - VendorAuthenticationTest.test01_3GPPMode depends on server time zone
ECA-7471 - Allow system tests to run with EJBCA not on localhost
ECA-7491 - Use relative URLs in AdminGUI
ECA-7492 - Fun refactoring task - WebLanguages class uses property arrays, but should be remade in more OOP way
ECA-7508 - EJBCA-CLI: Do not add duplicate role members
ECA-7514 - Fix failing tests in EjbcaRestHelperUnitTest
ECA-7518 - Allow tests to run with TLS certificates not issued by ManagementCA
ECA-7522 - Add proper configuration to jenkins-files/*/conf/
ECA-7527 - Investigate and fix ACME failing tests in trunk
ECA-7530 - Convert ACME Configuration page to xhtml
ECA-7531 - Convert ACME Alias Configuration page to xhtml
ECA-7532 - Add Deviation List Signer Extended Key Usage
ECA-7537 - Simplify and improve configuration of CMP tests
ECA-7541 - Change CT log policy labels to not use mathematical symbols
ECA-7546 - Make API and log use of requestID and approvalID consistent and easier to understand
ECA-7547 - Allow OCSP KeyBinding certificate without Key Usage
ECA-7555 - Acme SystemTest(s) failure for 6.15X EJBCA_TRUNK_DB2V105_UBUNTU1204_JBOSSEAP61_PUPPET jenkins job
ECA-7557 - Fix failing CMP TCP system tests
ECA-7563 - Separate out EjbcaWSTest.test02FindUser into its own test class
ECA-7566 - EjbcaWS.findUser() does not work for subjectEmail
ECA-7567 - Allow browser binary to be configured for Web Tests
ECA-7573 - Improve error handling and remove dead code in AdminWeb
ECA-7574 - Convert Approval Actions page to XHTML
ECA-7575 - Convert Approval Action page to XHTML
ECA-7576 - Clarifications in the Multi Group Publisher documentation
ECA-7579 - Editing EE functionality in RA Web is hidden behind the View-button
ECA-7594 - fun refactoring task: ViewCertificateManagedBean parseRequest method needs the button control logic refactored out into their own methods
ECA-7604 - Get rid of PublisherDataHandler class
ECA-7605 - Fix admin-gui build.xml
ECA-7609 - Clear hibernate cache in ejbca-db-cli to avoid high memory usage
ECA-7612 - VendorAuthenticationTest test case fail in Jenkins
ECA-7614 - Implement ECAQA-196 test scenario.
ECA-7616 - Code refactoring in MultiGroup Publisher Data class.
ECA-7625 - Stop using System.lineSeparator, except for writing to files or pipes
ECA-7634 - ACME test improvements
ECA-7636 - Update system requirements in documentation
ECA-7642 - WebEjbcaClearCacheTest should be skipped if not running on localhost
ECA-7643 - EjbcaWSTest should not use hardcoded "superadmin" user
ECA-7644 - EJBCA ziprelease should not include scripts from jenkins-files
ECA-7645 - CrmfRAPbeRequestTest fails on community edition
ECA-7648 - EE_COS7_OpenJDK8_WF10_NOHSM_DB2 job failure
ECA-7649 - POC Automate profiles installation for Firefox
ECA-7650 - Ability to upload CT log key in raw B64 format
ECA-7654 - Update '© 2002–2018 PrimeKey Solutions AB' to 2019
ECA-7658 - Use white-list instead of black-list of allowed HTTP methods in web.xml
ECA-7679 - PeerConnectionsTest uses TLSv1, but should use TLSv1.2
ECA-7680 - PatternLoggers should check if log level is enabled before doing work
ECA-7682 - PeerConnectionsTest.testPublishCertificate should inform about prerequisite in failure message
ECA-7684 - Typo in error message on 'View Certificate' page
ECA-7689 - Update web.xml to Servlet 3.1 use correct JSF 2.2 schema in faces-config.xml
ECA-7692 - Add CSRs for unit testing the RSA Key Validator
ECA-7694 - Modify application.xml to reflect new JEE7 version
ECA-7696 - Add method to get filename from uploaded file
ECA-7701 - Upgrade persistence.xml to JEE7
ECA-7705 - AutoEnrollment Documentation Improvement
ECA-7707 - HttpMethodsTest.testDocs should not fail if internal docs are not used
ECA-7738 - JDK11 Compliance: Patch CESeCore with provider fix from DSSINTER-289
ECA-7740 - Simplify ant build scripts to cut build time
ECA-7755 - The copyright year should be updated to include 2019
ECA-7761 - Minor security improvement
Bug Fixes
ECA-6865 - Failure to publish to a Peer Publisher gives no error message in log in some cases
ECA-7013 - RA Style is deselected while modifying access rules
ECA-7269 - Regression: JSF errors on JBoss AS 7.1.1
ECA-7273 - Certificate profiles appear to be (but aren't) editable for an Auditor
ECA-7282 - Poor error message for incorrectly formatted CT public keys: "Extra Data Detected in Stream"
ECA-7285 - Add HEAD request for the endpoint revokeCert
ECA-7286 - Fix NPE which happens when de-registering account with certbot
ECA-7326 - Bound Certificate under Internal Key Binding is displayed wrongly
ECA-7329 - NPE when you click on 'Republish' button on View Certificate page under Authentication Key Binding
ECA-7332 - OCSP Extensions configurations is applied to the newly created ones
ECA-7338 - Regression: clearPwd flag on WS editUser does not work
ECA-7342 - Check for legal characters is not working for some pages
ECA-7366 - dncomponents.properties.sample order of orgaizationIdentifier differs from default in DnCompoonents.java
ECA-7370 - ServiceManifestBuilder does not run with Java 11
ECA-7378 - PublicWeb check certificate status inly works with 8 octet cert serialNumber
ECA-7379 - Regression: throwing checked Exceptions from postConstruct is not allowed in JEE spec
ECA-7404 - CA Activation backlink broken
ECA-7433 - Dry-run parameter not respected when importing validators using Statedump
ECA-7434 - Add modular protocol configuration to Statedump
ECA-7438 - NullPointerException in some Adminweb pages if External Script Access is disabled and you have Custom Publishers
ECA-7443 - CAs and Fields in User Data Sources are stored as strings, causing ClassCastException
ECA-7445 - Missing exclude option for Validators in Statedump
ECA-7460 - NPE when importing a CA where a previous certificate exists without expireDate
ECA-7480 - When creating an EndEntity in RA Web and delete_end_entity accessrule is disabled, the process ends incorrectly with success but end entity is not created
ECA-7499 - java.lang.IllegalStateException when using browser back/forward button
ECA-7500 - Certificate Request Generated despite choosing the wrong format
ECA-7511 - EjbcaWSHelperSessionBean.caRenewCertRequest lacks an null check
ECA-7516 - Investigate and fix duplicate ID exception in editservice.xhtml
ECA-7523 - Test failures in ProtocolOcspHttpTest due do missing cleanup
ECA-7524 - Regression: HttpMethodsTest fail because of unexpected HTTP header value
ECA-7525 - Domestic / Non-external CVCA/DVCA do not have the expiration field set
ECA-7529 - OcspExtensionsTest fails on community edition
ECA-7533 - Fix WS documentation for isApproved and getRemainingNumberOfApprovals
ECA-7534 - DnFieldDumpHandler missing DnFieldExtractor.URI in Map.
ECA-7535 - Regression: Upgrade of customcertextensions.properties fails
ECA-7536 - CertificateCrlReaderSystemTest fails on Windows
ECA-7540 - Importing a CVCA certificate with error triggers CSRF error
ECA-7543 - CertSafePublisherTest fails on Windows due to line endings
ECA-7544 - Fix UpgradePublisherTest
ECA-7550 - Missing label and fields cleared erroneously in Edit Services page
ECA-7552 - StatedumpTest should use systemtests.properties
ECA-7558 - Admin Web returns redundant security headers
ECA-7568 - OCSP unathorized (6) error adds blank line to OCSP transaction log
ECA-7572 - Publisher queue status on home page looks weird since JSF conversion
ECA-7583 - Regression: Errors when creating a CA are not handled
ECA-7584 - USERAUTH fail when publishing with the SCP Publisher
ECA-7587 - Fix NPE when exception lacks an error message
ECA-7591 - Configdump CA is missing support for getLatestSubjectDN
ECA-7595 - UpgradeSessionBeanTest.testUpgradeOcspExtensions6120 fails intermittently
ECA-7599 - AcmeConfigurationAndValidationSystemTest.leaveRevocationReasonUnchanged fails intermittently
ECA-7611 - Fix validity field in Edit CA page
ECA-7613 - CertificateCrlReaderSystemTest fails intermittently
ECA-7615 - Multigroup publisher errors handled incorrectly after conversion
ECA-7624 - Fix ConfigdumpValidatorUnitTest and YamlWriterUnitTest
ECA-7628 - configdump change causes test build failure in CE
ECA-7631 - Typo in Error message
ECA-7632 - RA Web enrollment, End entity removed if finishUser is unchecked in the CA
ECA-7647 - 'Receive Certificate Response' does not work for Externally signed CA
ECA-7662 - SecurityEvents*SessionBeanTest fails on H2 dues to use of ORDER in DELETE
ECA-7663 - CertificateRetrievalTest.test09FindWithMissingCertData assumes database.useSeparateCertificateTable=false
ECA-7665 - OutgoingPeerConnectionTest fails intermittently
ECA-7667 - Invalid single quotes in language file
ECA-7669 - The certificate link of an 'EJBCA Node Start' row in the Audit Log does not work
ECA-7676 - Nullcheck would have been NPE in BlacklistEntry
ECA-7677 - PeerConnectionsTest is missing slf4j runtime dependency
ECA-7697 - Regression: Default 'RA-Administrator' and 'Supervisor' roles gets 'Authorization Denied Cause: You are not authorized to view this page.'
ECA-7698 - Update example URL for external documentation
ECA-7699 - Can't access Admin web index page without /ca_functionality/view_ca access
ECA-7712 - Cannot save end entity profile where End Entity E-mail is disabled
ECA-7715 - Regression: Peer connectors cached in browser session not updated when cloning
ECA-7716 - Replace invalid double quotes in language files
ECA-7721 - Regression: CMP RA Name Generation Scheme don't use language strings anymore
ECA-7723 - Can't check "Critical" checkboxes on Edit CA page
ECA-7726 - Non-informative error message on Edit EST Aliases page
ECA-7730 - Clicking Logout in Adminweb gives NumberFormatException
ECA-7735 - Cloning a peer connector does not clone the flag for process incoming requests
ECA-7737 - Certificate of type "Sub CA" can't be published
ECA-7741 - Update tag library schemas for JEE7 in AdminWeb
ECA-7742 - CAA Validator fails DNSSEC validation for CH domains
ECA-7760 - ScpPublisher: Destination URL for certificates saved as crl.scp.destination and vice versa
ECA-7767 - Configdump validator export can fail with NPE
ECA-7769 - Fix warnings from DB CLI
Tasks
ECA-6864 - Set up a Jenkins instance to test JDK8/Wildfly10 using Docker
ECA-7261 - Map which ECAQA automatic tests which need to be remapped
ECA-7275 - Test ACME wildcard cert issuance and pre-authorization with certbot.
ECA-7331 - Verify if Swagger UI for works for ACME API. If it does, add documentation to confluence. If not, hide the ACME part from swaggerUI
ECA-7545 - New Docker job on Jenkins - EE_COS7_OpenJDK8_WF10_NOHSM_DB2
ECA-7551 - Exploratory testing on CMP configuration page
ECA-7695 - Update persistence.xml and orm-dbtype.xml to reflect JEE7 version
ECA-7763 - Test upgrade from 6.15.0 to 7.0.0
ECA-7768 - Update readme with license information for Hibernate jars