Issues Resolved in 7.12
Released April 2023
New Features
ECA-11253 - New column in CertificateData in invalidityDate
ECA-11254 - Add support for CRL extension "Invalidity Date"
ECA-11255 - Extend revocation REST endpoint with invalidity date
ECA-11256 - CRL generation with invalidity date
ECA-11304 - Add checkbox in Edit CA: "Allow invalidity date"
ECA-11322 - Modify the order of certificate extensions in a Certificate Profile
ECA-11411 - Support SCEP RFC8894 CACaps with AES plus RSAES-OAEP
Improvements
ECA-11334 - EC Certificate Issuance Performance Issues
ECA-11336 - Display invalidity date in RA-web search certificate view
ECA-11354 - Update to commons-fileupload-1.5.jar due to CVE-2023-24998
ECA-11379 - Unnecessary resize required during clone of HashMap in EndEntityProfile
ECA-11415 - Add ServletFileUpload.setFileCountMax in request_result.jsp
Bug Fixes
ECA-10286 - IPv6 addresses are not parsed from CSRs
ECA-10703 - Improving the log entry when publishing CRL but not storing them in db
ECA-11175 - Nullpointer when refreshing OAuth bearer token
ECA-11238 - Upgrade to 7.11.0 and Manage Requests generated an error
ECA-11240 - ClientToolBox OCSP command fails if server is configured to use nonce
ECA-11259 - Null Pointer Exception when doing configdump.sh import (p11ng)
ECA-11272 - Unable to create/handle Authenticated CSRs
ECA-11277 - Marshalling error in 7.11 with cvcRequest
ECA-11281 - CRL Updater Service Skip CA if Token Offline
ECA-11299 - Certificate view in CA UI via managed Peer cannot be closed
ECA-11301 - Cache reload causing Java out of memory error
ECA-11303 - Peer Connector - Unable to generate DH keys
ECA-11310 - Regression: p11ng module missing from ejbca-ejb-cli
ECA-11317 - Process ACME wildcard certificates in order state ready
ECA-11325 - Configdump does not allow names with slashes
ECA-11347 - Preserve SAN order when enrolling (est and others).
ECA-11351 - ejbca.sh is ignoring p11ng when importing a CA
ECA-11357 - MSAE Alias - Removing template mapping always removes the top row
ECA-11358 - MSAE "The connection test succeeds." if the default password wasn't changed
ECA-11360 - Certificate Search by Serial Number is timing out
ECA-11365 - Remote Internal Key Binding Updater service renews certificate that expires with the CA
ECA-11371 - Upgrade breaks ACME Aliases where RA Name Generation Scheme = RANDOM
ECA-11374 - Security Issue (Update library kerby-asn1)
ECA-11375 - Security Issue (Update library kerb-core)
ECA-11383 - NPE when viewing certain certificates with Private Key Usage Period extension
ECA-11384 - Static date strings fail in non UTC
ECA-11389 - ADConnectionSingletonBean - could not obtain lock within 5000MILLISECONDS
ECA-11393 - REST end entity management v2 looks to be available in Community
ECA-11403 - In "Edit CA" page "Make certificate request" button is broken
ECA-11408 - Supporting dashes in SCEP Alias names