Issues Resolved in 7.12

Released April 2023

    New Features

    ECA-11253 - New column in CertificateData in invalidityDate

    ECA-11254 - Add support for CRL extension "Invalidity Date"

    ECA-11255 - Extend revocation REST endpoint with invalidity date

    ECA-11256 - CRL generation with invalidity date

    ECA-11304 - Add checkbox in Edit CA: "Allow invalidity date"

    ECA-11322 - Modify the order of certificate extensions in a Certificate Profile

    ECA-11411 - Support SCEP RFC8894 CACaps with AES plus RSAES-OAEP

    Improvements

    ECA-11334 - EC Certificate Issuance Performance Issues

    ECA-11336 - Display invalidity date in RA-web search certificate view

    ECA-11354 - Update to commons-fileupload-1.5.jar due to CVE-2023-24998

    ECA-11379 - Unnecessary resize required during clone of HashMap in EndEntityProfile

    ECA-11415 - Add ServletFileUpload.setFileCountMax in request_result.jsp

    Bug Fixes

    ECA-10286 - IPv6 addresses are not parsed from CSRs

    ECA-10703 - Improving the log entry when publishing CRL but not storing them in db

    ECA-11175 - Nullpointer when refreshing OAuth bearer token

    ECA-11238 - Upgrade to 7.11.0 and Manage Requests generated an error

    ECA-11240 - ClientToolBox OCSP command fails if server is configured to use nonce

    ECA-11259 - Null Pointer Exception when doing configdump.sh import (p11ng)

    ECA-11272 - Unable to create/handle Authenticated CSRs

    ECA-11277 - Marshalling error in 7.11 with cvcRequest

    ECA-11281 - CRL Updater Service Skip CA if Token Offline

    ECA-11299 - Certificate view in CA UI via managed Peer cannot be closed

    ECA-11301 - Cache reload causing Java out of memory error

    ECA-11303 - Peer Connector - Unable to generate DH keys

    ECA-11310 - Regression: p11ng module missing from ejbca-ejb-cli

    ECA-11317 - Process ACME wildcard certificates in order state ready

    ECA-11325 - Configdump does not allow names with slashes

    ECA-11347 - Preserve SAN order when enrolling (est and others).

    ECA-11351 - ejbca.sh is ignoring p11ng when importing a CA

    ECA-11357 - MSAE Alias - Removing template mapping always removes the top row

    ECA-11358 - MSAE "The connection test succeeds." if the default password wasn't changed

    ECA-11360 - Certificate Search by Serial Number is timing out

    ECA-11365 - Remote Internal Key Binding Updater service renews certificate that expires with the CA

    ECA-11371 - Upgrade breaks ACME Aliases where RA Name Generation Scheme = RANDOM

    ECA-11374 - Security Issue (Update library kerby-asn1)

    ECA-11375 - Security Issue (Update library kerb-core)

    ECA-11383 - NPE when viewing certain certificates with Private Key Usage Period extension

    ECA-11384 - Static date strings fail in non UTC

    ECA-11389 - ADConnectionSingletonBean - could not obtain lock within 5000MILLISECONDS

    ECA-11393 - REST end entity management v2 looks to be available in Community

    ECA-11403 - In "Edit CA" page "Make certificate request" button is broken

    ECA-11408 - Supporting dashes in SCEP Alias names