Component: certificate

6.39 Stable 2017-Apr-27 (8 years ago)

• SCEP client now supports FQDN URL and port;
• allow CRL address to be specified as DNS name;

6.38.1 Stable 2017-Jan-13 (9 years ago)

• added year cap (invalid-after date will not exceed year 2039);
• fixed fail on import from CAPs when both key and name already exist;

6.37 Stable 2016-Sep-23 (9 years ago)

• do not allow to remove certificate template while signing certificate;

6.36 Stable 2016-Jul-20 (9 years ago)

• added automatic scep renewal delay after startup to avoid all requests accessing CA at the same time;
• cancel pending renew when certificate becomes valid after date change;
• display issuer and subject on check failure;
• do not exit after card-verify;
• force scep renewal on system clock updates;

6.35 Stable 2016-Apr-14 (9 years ago)

• revoked certificates not showing as (R)evoked;
• allow manual crl url addition;

6.21 Stable 2014-Oct-30 (11 years ago)

• fix CRL handling in trust chain;

6.7 Stable 2013-Nov-29 (12 years ago)

• support ip, dns and email subject alternative names;

6.6 Stable 2013-Nov-07 (12 years ago)

• no more 'reset-certificate-cache' and 'decrypt' commands, private keys can be decrypted only on 'import', use 'decrypt' before upgrade if needed;
• merged '/certificate ca issued', '/certificate scep client' and '/certificate templates' into '/certificate';