Component: certificate – MikroTik Changelog Tracker

6.49 Stable 2021-Oct-06 (4 years ago)

improved stability when removing dynamic CRL entries;

6.48 Stable 2020-Dec-22 (5 years ago)

clear challenge password on renew;
fixed CRL URL length limit;
fixed private key verification for CA certificate during signing process;
generate CRL even when CRL URL not specified;
properly flush expired SCEP OTP entries;

6.47 Stable 2020-Jun-02 (5 years ago)

added "skid" and "akid" values for detailed print;
allow dynamic CRL removal;
disabled CRL usage by default;
do not use SSL for first CRL update;

6.45.9 Long-term 2020-Apr-30 (5 years ago)

fixed certificate verification when flushing CRL's;

6.46.4 Stable 2020-Feb-21 (6 years ago)

fixed certificate verification when flushing CRL's;

6.46 Stable 2019-Dec-02 (6 years ago)

added progress bar when creating certificate request;
added support for certificate request signing with EC keys;
allow specifying "file-name" parameter for export (CLI only);
allow specifying "name" parameter for import (CLI only);
improved CRL updating process;
removed "key-size" parameter for "create-certificate-request" command;

6.45.3 Stable 2019-Jul-29 (6 years ago)

renew certificates via SCEP when 3/4 of lifetime reached;

6.44.5 Long-term 2019-Jul-04 (6 years ago)

removed "set-ca-passphrase" parameter;

6.45.1 Stable 2019-Jun-27 (6 years ago)

added "key-type" field;
added support for ECDSA certificates (prime256v1, secp384r1, secp521r1);
fixed self signed CA certificate handling by SCEP client;
made RAM the default CRL storage location;
removed DSA (D) flag;
removed "set-ca-passphrase" parameter;

6.44.3 Stable 2019-Apr-23 (6 years ago)

fixed SAN being duplicated on status change (introduced in v6.44);

6.44.1 Stable 2019-Mar-13 (6 years ago)

force 3DES encryption for P12 certificate export;

6.43.13 Long-term 2019-Mar-13 (6 years ago)

force 3DES encryption for P12 certificate export;

6.44 Stable 2019-Feb-25 (7 years ago)

added support for multiple "Subject Alt. Names";
enabled RC2 cipher to allow P12 certificate decryption;
fixed certificate signing by SCEP client if multiple CA certificates are provided;
show digest algorithm used in signature;

6.42.11 Long-term 2018-Dec-21 (7 years ago)

properly flush old CRLs when changing store location;

6.43.7 Stable 2018-Nov-30 (7 years ago)

fixed "expires-after" parameter calculation;
fixed time zone adjustment for SCEP requests;
properly flush old CRLs when changing store location;

6.42.10 Long-term 2018-Nov-14 (7 years ago)

fixed time zone adjustment for SCEP requests;

6.43 Stable 2018-Sep-06 (7 years ago)

added "expires-after" parameter;
do not allow to perform "undo" on certificate changes;
fixed RA "server-url" setting;

6.40.9 Long-term 2018-Aug-20 (7 years ago)

fixed "add-scep" template existence check when signing certificate;

6.42.4 Stable 2018-Jun-15 (7 years ago)

fixed "add-scep" template existence check when signing certificate;

6.40.8 Long-term 2018-Apr-23 (7 years ago)

fixed incorrect SCEP URL after an upgrade;

6.42 Stable 2018-Apr-13 (7 years ago)

added PKCS#10 version check;
dropped DES support and added AES instead for SCEP;
dropped MD5 support and require SHA1 as minimum for SCEP;
fixed incorrect SCEP URL after an upgrade;

6.40.6 Long-term 2018-Feb-20 (8 years ago)

do not use UTF-8 for SCEP challenge password;
fixed PKCS#10 version;

6.41.1 Stable 2018-Jan-30 (8 years ago)

do not use utf8 for SCEP challenge password;
fixed PKCS#10 version;

6.41 Stable 2017-Dec-22 (8 years ago)

added option to store CRL in RAM (CLI only);
fixed SCEP "get" request URL encoding;
improved CRL update after system startup;
show "Expired" flag when initial CRL fetch fails;
show invalid flag when local CRL file does not exist;

6.40.5 Stable 2017-Oct-31 (8 years ago)

fixed import of certificates with empty SKID;

Releases by channel (stacked)