EJBCA 7.5.1 Release Notes

The PrimeKey EJBCA team is pleased to announce the release of EJBCA 7.5.1. This is a limited spot release focusing on support for revocation in Intune ecosystems, and will only be released to select customers at this time. This functionality will be included in EJBCA 7.6.0 and will then be made available on EJBCA Hardware Appliance, EJBCA Software Appliance, and EJBCA Cloud.



Highlights

Revocation in Microsoft Intune Ecosystems

EJBCA added support for Microsoft Intune [External Link] in version 7.4.1, a powerful framework based on the SCEP protocol which allows enrollment of devices with credentials managed in Microsoft Azure Active Directory. EJBCA 7.5.1 add support for the new revocation API added to Azure by Microsoft at the start of this year

Upgrade Information

As a minor release, the upgrade procedure is the same as for EJBCA 7.5.0. See the EJBCA 7.5 Upgrade Notes for important information about this release. For upgrade instructions and information on upgrade paths, see Upgrading EJBCA.

Change Log: Resolved Issues

For full details of fixed bugs and implemented features in EJBCA 7.5.1, refer to our JIRA Issue Tracker.

Issues Resolved in 7.5.1

Internally Released May 2021

    New Features

    ECA-9270 - Allow Intune verification to be performed from the RA

    ECA-9441 - Implement support for a keystore using FIPS compliant algorithms

    ECA-9972 - Create a Service Worker for Intune Revocation

    ECA-10010 - Use configured CAs

    ECA-10016 - SCEP servlet should update intune after cert issuance

    Improvements

    ECA-9658 - ACME agree to new ToS

    ECA-9792 - Add a button for importing certificates to an OCSP responder

    ECA-9833 - Configdump SCEP Import/Export with Intune settings

    ECA-9898 - ACME: Limit followed redirect codes according to CABForum Ballot SC44

    ECA-9974 - The domain ignore list used for CAA validation should be consistent with how domains names in certificates work

    Bug Fixes

    ECA-9372 - "Any CA" in Ocsp Pre-Signer Service has no effect

    ECA-9408 - Security hardening

    ECA-9903 - Remove Apache Velocity from /lib

    ECA-9977 - Regression: ejbca.sh fails to import endentities profiles with notifications - need commons-lang3

    ECA-9984 - Allowed Characters changing after disabling User Storage

    ECA-10000 - p11ng-cli signperformancetest calculates signings per seconds incorrectly

    ECA-10007 - MSAE Configuration displays in VA instances

    ECA-10017 - Fix FindBugs warnings related to OAuth