EJBCA 8.1 Upgrade Notes

Below are important changes and requirements when upgrading from EJBCA 8.0 to EJBCA 8.1.

For upgrade instructions and information on upgrade paths, see Upgrading EJBCA. For details of the new features and improvements in this release, see the EJBCA 8.1.0 Release Notes.

Behavioral Changes

Changed behavior when editing or adding end entity through SOAP/WS.

When using the "edituser" command to add or edit an end entity through web services, the end entity profile setting Modifiable was previously ignored for Start Time and End Time.

This has now been changed and it is no longer possible to update Start Time or End Time with new values unless allowed by the profile. It is also not possible to add a new end entity with other values for Start Time and End Time than those specified in the profile, unless they have been configured in the profile as Modifiable.

Improved error handling in v1/certificate/certificaterequest

The REST endpoint v1/certificate/certificaterequest would previously return HTTP response status code 500 Internal Server Error in a number of scenarios where a 400 Bad Request or 409 Conflict would have been more appropriate. Errors related to misconfigured custom extensions or a malformed CSR will now return the response status code 400. Errors related to the Subject DN of the End Entity or the Public Key of the CSR conflicting with existing ones now return the response status code 409.

Unintended API Breakage in Peer Connections in 8.0

The 8.0 release contained an unintended API breakage in Peer Connections. In EJBCA 8.0.0.1 the API was restored to work as in 7.x again (ECA-11731).

If you are planning on using a mixed version environment, with some nodes running 8.0 and others running later or earlier versions, please refer to the EJBCA 8.0 Upgrade Notes.