EJBCA Cloud Release Notes Summary
The following summary lists new features and other changes included in EJBCA Cloud releases.
For more information on features and improvements implemented in the latest release, see the EJBCA Cloud Release Notes.
EJBCA Cloud 3.0
EJBCA Cloud updates EJBCA Enterprise to version 7.11, see EJBCA 7.11 Release Notes.
The Cloud Configuration Wizard now allows you to select different database types. The wizard can test connections and install into Oracle, Microsoft SQL, PostgreSQL, and MariaDB in AWS and Azure.
EJBCA Cloud 2.11
EJBCA Cloud updates EJBCA Enterprise to version 7.10, see EJBCA 18.104.22.168 Release Notes.
EJBCA Cloud 2.10.1
EJBCA Cloud updates EJBCA Enterprise to version 7.9.1, see EJBCA 7.9.1 Release Notes.
EJBCA Wizard now has Keyfactor branding and coloring.
EJBCA Cloud 2.10
EJBCA Cloud updates EJBCA Enterprise to version 7.9.0, see EJBCA 7.9.0 Release Notes.
EJBCA Cloud 2.9.2
EJBCA Cloud updates EJBCA Enterprise to version 7.8.1, see EJBCA 7.8.1 Release Notes. The most notable improvements in this EJBCA related to EJBCA Cloud are P11NG enhancements with CloudHSM in AWS that bring significant performance improvements.
The following lists new features and other changes included in the release.
EC-212 - Upgrade MariaDB to 10.5.X
EC-213 - Upgrade EJBCA to 7.8.1
EC-211 - Wizard does not allow underscore in DB username when RDS allows it
EJBCA Cloud 2.9.1
EJBCA Cloud updates EJBCA Enterprise to version 22.214.171.124, see EJBCA 7.8 Release Notes.
The following lists new features and other changes included in the release.
EC-203 - Upgrade EJBCA to 126.96.36.199
EC-204 - Upgrade WildFly to WildFly 24.0.1
EC-205 - Upgrade Java to JDK11
EC-207 - Change database permissions to be 10.4 RDS compliant
EC-208 - Upgrade JDBC Provider to latest current
EC-209 - Load balancers are redirecting HTTP to HTTPS due to Apache config
EC-210 - Refactor Apache Config to best practices
EC-200 - Bug in configuration wizard scripts in Azure when using external management CA
EC-201 - Change the SSL Server certificate profile to 1 year
EJBCA Cloud 2.8
EJBCA Cloud updates EJBCA Enterprise to version 7.7.0, see EJBCA 7.7 Release Notes.
EJBCA Cloud 2.7
EJBCA Cloud updates EJBCA Enterprise to version 7.6.0, see EJBCA 7.6 Release Notes.
EJBCA Cloud 2.6.1
EC-172 - Update provisioning code to allow for the new EJBCA 7.5 CloudHSM integration
EC-177 - Upgrade WildFly to version 21
EC-184 - Create Wizard for Azure Deployments that allows installation into an external database (including cluster joins for upgrades) as well as Azure Key Vault for the ManagementCA keys.
EC-185 - Integrate Azure Key Vault into Wizard for AKV stored keys
EC-186 - Allow users to edit ManagementCA DN in wizard - O and OU can now be configured along with CA Name
EC-187 - Upgrade nodeJS in confwizard to v14 and patch all packages
EC-175 - Automate EJBCA Azure Build to be unified with AWS
EC-182 - Merge automation of AWS & Azure into the single repo for unified build process
EC-192 - Update provisioning code to build Wizard based VA in AWS
EC-188 - Install NodeJS as part of the build rather than including it in source.
EC-189 - Upgrade all Azure support scripts to support external DBs like AWS does
EC-190 - Detect unknown ManagementCA name for cluster joins when a custom one was specified in configuration wizard.
EC-191 - Fix error handling of Cluster joins now that they work with 7.5
EC-193 - Update Azure Marketplace Template to remove Superadmin config since its now in the wizard
EC-194 - Update provisioning code to build RA or VA from single source bundle
EJBCA Cloud 2.5.3
EC-177 - Upgrade WildFly from version 10.1 to 21
EC-176 - Upgrade EJBCA to version 188.8.131.52
EC-174 - Upgrade Java to version JDK11
EC-171 - Fix regression where swagger enabled ejbca.ear file did not enable the flag correctly.
EC-167 - Add Thales DPoD to web.properties and some necessary environment variables (see Thales DPoD Integration Guide).
EJBCA Cloud 2.5
EC-163 - Allow "none" for publicIP to be selected in Azure template
EC-164 - Upgrade EJBCA to 7.4.3
EC-165 - Upgrade CentOS7.x to CentOS8.2 in Azure
EC-166 - Refactor how PublicDNS name is detected to make it no longer dependent on azure environment metadata or variables
EJBCA Cloud 2.4
EC-162 - Add use separate certificate data table to all EJBCA Cloud products
EC-161 - Change Installation process to use the built in index and schema SQL scripts
EJBCA Cloud 2.3
EC-160 - Upgrade EJBCA to 7.4.1
EC-159 - Change memory usage for WildFly on 8GB instances
EC-158 - Fixed errors on backup and restore scripts for RDS/Local installs
EJBCA Cloud 2.2
EC-152 - EJBCA Upgrade to 7.4.0
EC-153 - EJBCA ManagementCA name can now be changed so that all subsequent scripts detect this name change.
EC-154 - Renamed keys stored in the CloudHSM backed ManagementCA so they are detected by EJBCA healthcheck
EC-155 - Updated CloudHSM provider to May2020 version
EC-156 - CloudHSM client will now start properly after successful key creation by the configuration wizard.
EC-157 - Added AWS KMS flag to the default configuration for EJBCA
EJBCA Cloud 2.1.2 Update
EC-150 - Upgrade EJBCA due to Peering Issue
EC-151 - Upgrade MariaDB Database to 10.2.32
EJBCA Cloud 2.1.1 Update
EC-147 - Database permissions not applied correctly on certain RDS instances where external IPs were not utilized.
EC-148 - Script that turns EJBCA Cloud node into an RA, VA or Root doesn't apply reqcertindb property properly.
EC-149 - Script that turns node into an RA, VA or Root doesn't execute SQL commands correctly due to whitespace in source file.
EJBCA Cloud 2.1
EC-145 - Added an selecting to the database wizard to allow a cluster join option.
EJBCA Cloud 2.0
EC-135 - Backup and restore scripts now accommodate for any install made into RDS. Restore scripts also now reconfigure CloudHSM to make upgrades easier.
EC-140 - Port 8080 was found to be open and no longer needed since Apache is used to front end WildFly. Port closed.
EC-141 - CloudHSM provider upgraded to allow crypto tokens to be auto-activated.
EC-142 - Upgrade EJBCA to 184.108.40.206.
EC-143 - Node does not install when no public DNS name is attached to public IP.
EC-144 - new_tls_cert.sh script no longer includes public IP and DNS information unless specified.
EJBCA Cloud 1.18
EC-137 - EJBCA Upgraded to 7.3.0 - Swagger enabled ejbca.ear included in dist dir.
EJBCA Cloud 1.17
EC-131 - EJBCA upgraded to 7.1.0
EC-130 - Added additional instance sizes to the AWS offering. Now includes AMD based instances and updated Intel based instances.
EC-129 - Product Renamed to EJBCA Enterprise Cloud in all scripts and documentation
EC-128 - Reduce Galera memory for small sized instances to 1GB
EC-127 - Options refactored in the system_backup.sh script. Please see script help for new syntax.
EC-126 - Updated CloudHSM provider to handle large key IDs and ECDSA Keys
EJBCA Cloud 1.16
EC-125 - Upgrade EJBCA to 220.127.116.11
EC-124 - Detect Instance Type and change WildFly memory settings accordingly
EJBCA Cloud 1.15.2
EC-120 - Upgrade EJBCA to 18.104.22.168
EC-123 - Added logic to restore script to check for public certificates in an existing system for CloudHSM
EJBCA Cloud 1.15.1
EC-117 - Upgrade product and AMI to use Amazon Linux 2
EC-118 - Upgrade EJBCA to 6.15.1
EC-119 - Patched P11 Driver for CloudHSM to handle higher than 10K key handle numbers
EJBCA Cloud 1.15
EC-116 - Upgrade MariaDB to 10.2.18 and JDBC connector to 2.2.6
EC-115 - Added CloudHSM files to the backup and restore scripts
EC-114 - Upgrade EJBCA to 6.15.0
EC-113 - Update P11 driver to remove -priv from CKA_ID
EC-112 - Apache blocking PUT method for REST API. Apache fixed to allow PUT
EC-111 - Update PKCS#11 driver with EC fixes from Cavium
EC-110 - Add patched CloudHSM PKCS#11 driver to source code
EJBCA Cloud 1.14
EC-108 - Removed database protection configuration. Add ability for users to configure it later as needed.
EC-109 - Upgrade EJBCA to 6.14.0
EJBCA Cloud 1.13
EC-100 - Upgrade Amazon Linux host to new AMI version (2018.03.0)
EC-101 - Upgrade EJBCA Version to 6.13.0
EC-102 - Delay configuration of EJBCA so configuration tools such as Terraform can complete their jobs.
EC-103 - Improve the detection of Public IP addresses, so when a node does not have one the install will succeed.
EC-104 - Fix error handling in new_tls_cert.sh script for when no DNS name is provided. Clean up output files.
EC-105 - Change ManagementCA DN to have a unique value for each instance and have it better represent the host which it belongs to.
EC-106 - Add unauthenticated support to Apache config for EST protocol.
EC-107 - Improve VA/RA installation script handing of requiring the management cert in DB.
EJBCA Cloud 1.12
EC-99 - Upgrade EJBCA to 6.12.0
EC-96 - Create failsafe for rare cases where EJBCA install does not start correctly on fresh boot.
EC-94 - Added scripts that allow for a user to convert a CA into an RA. Another script to support creating TLS certs for Apache on an external RA or VA.
EC-93 - Add myq_tools with readme for Galera viewing
EC-92 - Upgrade Java Connector to MariaDB to 2.2.1 (current)
EC-91 - Add the ability for users to specify database password in system backup script
EC-90 - Upgrade MariaDB to 10.2.13
EC-89 - Add error detection for invalid option given in new_tls_cert.sh script
EC-87 - Improve and tune Galera Clustering Config
EC-86 - Add new EJBCA Enterprise Cloud Documentation Link to login banner
EJBCA Cloud 1.11.1
EC-97 - Fixed odd case where publicweb administration link would redirect to 8443
EC-98 - Upgrade EJBCA to 22.214.171.124
EJBCA Cloud 1.11
EC-82 - new_tls_cert.sh script updated to allow custom DNS names and IP addresses. SslServerProfile updated to allow 6 DNS names and 3 IP addresses and the script written to enforce that amount
EC-83 - Make all support scripts help accessible with the same -h and --help options.
EC-84 - Update EJBCA to 126.96.36.199
EC-85 - Kernel patch for MELTDOWN and Spectre
EC-86 - Added EJBCA Enterprise documentation link to SSH login banner
EJBCA Cloud 1.10
EC-80 - Upgrade EJBCA to 188.8.131.52
EC-78 - Add functionality to rotate TLS script for Apache via automated script in the support directory. This helps when adding in support for external (custom) DNS names as well as when public IP rotates.
EJBCA Cloud 1.09
EC-79 - Upgrade EJBCA to 6.10.0
EJBCA Cloud 1.08
EC-63 - Bug fixes
EC-64 - Perform external vulerability scan on product and fix findings
EC-77 - Add functionality to encrypt backup made during the restore process
EJBCA Cloud 1.07
EC-70 - Upgrade EJBCA to 6.9.1
EJBCA Cloud 1.06
EC-66 - Create Restore script for restoring backups on upgraded nodes in support folder.
EC-62 - Added auto rotation and purge for WildFly server logs
EJBCA Cloud 1.05
EC-25 - Create EJBCA and TLS Cert backup script in the support folder
EJBCA Cloud 1.04
EC-69 - Create support data gathering script. Bug fixes
EC-51 - Code cleanup and optimization
EJBCA Cloud 1.03
EC-55 - Customized login banner for SSH
EJBCA Cloud 1.02
EC56 - Bug fixes
EJBCA Cloud 1.01
EC-1 - Initial Release
EC-3 - Automate Installation