JULY 2023

This release of EJBCA Software Appliance version 2.4.1 resolves an issue in version 2.4.0 and 2.3.3, and it is an update to the not generally available EJBCA Software Appliance 2.4.0 and 2.3.3 releases.

This release brings extended hardware security module (HSM) support, EST over CoAP support in EJBCA LRA Software Appliance, and introduces syslog shipping over TLS and email notification capabilities. The release also includes a hotfix for an issue discovered in EJBCA Software Appliance 2.3.3 regarding our syslog rotation. With this release, we have also updated EJBCA Enterprise to 8.0.

Highlights

Support for Securosys Primus X-Series and Securosys CloudsHSM

EJBCA Software Appliance now offers support for Securosys Primus X-Series and Securosys CloudsHSM hardware security modules, expanding the range of HSM options available.

EST over CoAP in EJBCA LRA Software Appliance

EJBCA 8 enables the deployment of a Local Registration Authority (LRA) to issue birth certificates or operational certificates in IIoT and IoT use cases. Resource-constrained devices can enroll for certificates using EST over CoAP, a lightweight protocol for IoT devices. Running EST over CoAP in EJBCA 8 requires using an EJBCA LRA Software Appliance connected to an EJBCA Certificate Authority (CA). 

Syslog shipping over TLS

With this release, EJBCA Software Appliance introduces the ability to ship syslog messages securely over TLS, ensuring the confidentiality and integrity of log data during transmission.

Extended notification capabilities

We have enhanced the notification system of EJBCA Software Appliance to include email notifications. You can now configure the system to send email notifications for various events in EJBCA, keeping you informed about activities in your environment.

New version of EJBCA Enterprise

EJBCA Enterprise has been updated to version 8.0, bringing advancements in IoT security, SSH certificate issuance, and post-quantum readiness. For more information, see the EJBCA Release Notes.

Keyfactor Branding enhancement

The user interface of EJBCA Software Appliance has been updated with Keyfactor branding enhancements. This includes application logo and favicon updates, aligning the interface with the Keyfactor brand identity.

Improvements and fixes

EJBCA Software Appliance 2.4.1 resolves an issue related to importing Certificate Revocation Lists (CRLs) with more than 40,000 entries. 

An issue regarding TrustWay Proteccio netHSM has also been resolved, enabling the download of the client certificate and utilizing the HSM as intended.

In addition, several minor bug fixes have been addressed to improve system stability and performance.

We have also introduced a hotfix for the syslog rotation, where logs could consume a great deal of disk space and that individual log files could grow to very large sizes, taxing available disk space and causing system performance issues, making it impossible to generate support packages.

Upgrade Information

For information on the required steps to update the EJBCA Software Appliance, see Update Software Appliance Version.