EJBCA Cloud Release Notes Summary

The following summary lists new features and other changes included in EJBCA Cloud releases.

For more information on features and improvements implemented in the latest release, see the EJBCA Cloud Release Notes.

EJBCA Cloud 2.2

EC-152 - EJBCA Upgrade to 7.4.0

EC-153 - EJBCA ManagementCA name can now be changed so that all subsequent scripts detect this name change.

EC-154 - Renamed keys stored in the CloudHSM backed managementCA so they are detected by EJBCA healthcheck

EC-155 - Updated CloudHSM provider to May2020 version

EC-156 - CloudHSM client will now start properly after successful key creation by the configuration wizard.

EC-157 - Added AWS KMS flag to the default configuration for EJBCA

EJBCA Cloud 2.1.2 Update

EC-150 - Upgrade EJBCA due to Peering Issue

EC-151 - Upgrade MariaDB Database to 10.2.32

EJBCA Cloud 2.1.1 Update

EC-147 - Database permissions not applied correctly on certain RDS instances where external IPs were not utilized.

EC-148 - Script that turns EJBCA Cloud node into an RA, VA or Root doesn't apply reqcertindb property properly.

EC-149 - Script that turns node into an RA, VA or Root doesn't execute SQL commands correctly due to whitespace in source file.

EJBCA Cloud 2.1

EC-145 - Added an selecting to the database wizard to allow a cluster join option.

EJBCA Cloud 2.0

EC-135 - Backup and restore scripts now accommodate for any install made into RDS. Restore scripts also now reconfigure CloudHSM to make upgrades easier.
EC-140 - Port 8080 was found to be open and no longer needed since Apache is used to front end WildFly. Port closed.
EC-141 - CloudHSM provider upgraded to allow crypto tokens to be auto-activated.
EC-142 - Upgrade EJBCA to
EC-143 - Node does not install when no public DNS name is attached to public IP.
EC-144 - new_tls_cert.sh script no longer includes public IP and DNS information unless specified.

EJBCA Cloud 1.18

EC-137 - EJBCA Upgraded to 7.3.0 - Swagger enabled ejbca.ear included in dist dir.

EJBCA Cloud 1.17

EC-131 - EJBCA upgraded to 7.1.0
EC-130 - Added additional instance sizes to the AWS offering. Now includes AMD based instances and updated Intel based instances.
EC-129 - Product Renamed to EJBCA Enterprise Cloud in all scripts and documentation
EC-128 - Reduce Galera memory for small sized instances to 1GB
EC-127 - Options refactored in the system_backup.sh script. Please see script help for new syntax.
EC-126 - Updated CloudHSM provider to handle large key IDs and ECDSA Keys

EJBCA Cloud 1.16

EC-125 - Upgrade EJBCA to
EC-124 - Detect Instance Type and change WildFly memory settings accordingly

EJBCA Cloud 1.15.2

EC-120 - Upgrade EJBCA to
EC-123 - Added logic to restore script to check for public certificates in an existing system for CloudHSM

EJBCA Cloud 1.15.1

EC-117 - Upgrade product and AMI to use Amazon Linux 2
EC-118 - Upgrade EJBCA to 6.15.1
EC-119 - Patched P11 Driver for CloudHSM to handle higher than 10K key handle numbers

EJBCA Cloud 1.15

EC-116 - Upgrade MariaDB to 10.2.18 and JDBC connector to 2.2.6
EC-115 - Added CloudHSM files to the backup and restore scripts
EC-114 - Upgrade EJBCA to 6.15.0
EC-113 - Update P11 driver to remove -priv from CKA_ID
EC-112 - Apache blocking PUT method for REST API. Apache fixed to allow PUT
EC-111 - Update PKCS#11 driver with EC fixes from Cavium
EC-110 - Add patched CloudHSM PKCS#11 driver to source code

EJBCA Cloud 1.14

EC-108 - Removed database protection configuration. Add ability for users to configure it later as needed.
EC-109 - Upgrade EJBCA to 6.14.0

EJBCA Cloud 1.13

EC-100 - Upgrade Amazon Linux host to new AMI version (2018.03.0)
EC-101 - Upgrade EJBCA Version to 6.13.0
EC-102 - Delay configuration of EJBCA so configuration tools such as Terraform can complete their jobs.
EC-103 - Improve the detection of Public IP addresses, so when a node does not have one the install will succeed.
EC-104 - Fix error handling in new_tls_cert.sh script for when no DNS name is provided. Clean up output files.
EC-105 - Change ManagementCA DN to have a unique value for each instance and have it better represent the host which it belongs to.
EC-106 - Add unauthenticated support to Apache config for EST protocol.
EC-107 - Improve VA/RA installation script handing of requiring the management cert in DB.

EJBCA Cloud 1.12

EC-99 - Upgrade EJBCA to 6.12.0
EC-96 - Create failsafe for rare cases where EJBCA install does not start correctly on fresh boot.
EC-94 - Added scripts that allow for a user to convert a CA into an RA. Another script to support creating TLS certs for Apache on an external RA or VA.
EC-93 - Add myq_tools with readme for Galera viewing
EC-92 - Upgrade Java Connector to MariaDB to 2.2.1 (current)
EC-91 - Add the ability for users to specify database password in system backup script
EC-90 - Upgrade MariaDB to 10.2.13
EC-89 - Add error detection for invalid option given in new_tls_cert.sh script
EC-87 - Improve and tune Galera Clustering Config
EC-86 - Add new EJBCA Enterprise Cloud Documentation Link to login banner

EJBCA Cloud 1.11.1

EC-97 - Fixed odd case where publicweb administration link would redirect to 8443
EC-98 - Upgrade EJBCA to

EJBCA Cloud 1.11

EC-82 - new_tls_cert.sh script updated to allow custom DNS names and IP addresses. SslServerProfile updated to allow 6 DNS names and 3 IP addresses and the script written to enforce that amount
EC-83 - Make all support scripts help accessible with the same -h and --help options.
EC-84 - Update EJBCA to
EC-85 - Kernel patch for MELTDOWN and Spectre
EC-86 - Added EJBCA Enterprise documentation link to SSH login banner

EJBCA Cloud 1.10

EC-80 - Upgrade EJBCA to
EC-78 - Add functionality to rotate TLS script for Apache via automated script in the support directory. This helps when adding in support for external (custom) DNS names as well as when public IP rotates.

EJBCA Cloud 1.09

EC-79 - Upgrade EJBCA to 6.10.0

EJBCA Cloud 1.08

EC-63 - Bug fixes
EC-64 - Perform external vulerability scan on product and fix findings
EC-77 - Add functionality to encrypt backup made during the restore process

EJBCA Cloud 1.07

EC-70 - Upgrade EJBCA to 6.9.1

EJBCA Cloud 1.06

EC-66 - Create Restore script for restoring backups on upgraded nodes in support folder.
EC-62 - Added auto rotation and purge for WildFly server logs

EJBCA Cloud 1.05

EC-25 - Create EJBCA and TLS Cert backup script in the support folder

EJBCA Cloud 1.04

EC-69 - Create support data gathering script. Bug fixes
EC-51 - Code cleanup and optimization

EJBCA Cloud 1.03

Bug Fixes
EC-55 - Customized login banner for SSH

EJBCA Cloud 1.02

EC56 - Bug fixes

EJBCA Cloud 1.01

EC-1 - Initial Release
EC-3 - Automate Installation