![]() The standardization of these algorithms is planned to be finalized by INST in 2024. Post-Quantum ReadinessĮJBCA 8 includes support for creating CAs using the NIST round 3 candidate post-quantum signature algorithms Dilith ium and Falcon. Server-side key generation may be used regardless of whether EST is carried over HTTP or CoAP. General EST support in EJBCA 8 has also been extended to support server-side key generation. Running EST over CoAP in EJBCA 8 requires using an EJBCA LRA Software Appliance connected to an EJBCA Certificate Authority (CA). Resource-constrained devices can enroll for certificates using EST over CoAP. In order to extend deployment flexibility EJBCA 8 enables the deployment of a Local Registration Authority (LRA) to issue birth certificates or operational certificates in IIoT and IoT use cases. EST over CoAP in EJBCA LRA Software Appliance SSH certificate enrollment is supported through the EJBCA REST API and the EJBCA RA user interface. With EJBCA you can now issue SSH certificates in addition to X.509 certificates, Card Verifiable certificates, and C-ITS certificates. Enabling SSH servers and clients to trust the CA means that SSH can leverage the power of PKI. The use of SSH certificates for certificate-based authentication in SSH rather than SSH key distribution and management allows organizations to both increase productivity and improve security. EJBCA 8.0 Release NotesĮJBCA 8 includes the new Certificate Authority (CA) type SSH CA capable of issuing Secure Shell Protocol (SSH) certificates. For more information, see Database Maintenance Service. The interval used by the service to check for expired certificates and CRLs is configurable as well as the time period to keep certificates and CRLs in the system once expired. Expired Certificate CleanupĪ new service has been added in EJBCA 8.1 to enable automated cleanup of expired certificates and Certificate Revocation Lists (CRLs). For more information, see Subject Name Log Redaction. Subject Name Log Redaction can be used to set up EJBCA for compliance with data privacy regulations relating to the content of the SubjectDN and SAN fields. ![]() Using the Subject Name Log Redaction feature in EJBCA 8.1, EJBCA administrators can set up the system to redact Subject Distinguished Name (SubjectDN) and Subject Alternate Name (SAN) from the audit log and trace logs for configured end entities. SEPTEMBER 2023 Subject Name Log Redaction The EJBCA Release Notes also include a change log, listing all issues resolved in the release and a cross-reference to our JIRA Issue Tracker for full details on issues resolved in the release. The following lists release notes for all EJBCA versions released.įor information on features and improvements implemented per release, see the EJBCA Release Notes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |