SignServer 5.9.1 Release Notes

MAY 2022

The SignServer team is pleased to announce the release of SignServer 5.9.1.

This release includes improvements for the integration with AWS CloudHSM. The release also brings new versions of OpenPDF and Bouncy Castle and other minor improvements and corrections.

Deployment options include SignServer Hardware Appliance and SignServer Cloud.

Highlights

AWS CloudHSM Improvements

New flexibility of the P11NG crypto token now allows P11NG to be used with SignServer for integration with AWS CloudHSM. A new setting on a worker or the crypto token can control if a certificate object is generated when a key pair is generated. When used for integration with AWS CloudHSM, the worker or crypto token must be configured not to generate certificates, using the P11NGCryptoToken property GENERATE_CERTIFICATE_OBJECT. A similar option is also available in the p11-ng tool (using the nocertificateobject flag).

Further improvements to the Android (APK) signers have been made in this release making the APK signers work fully without certificates in the token and thus function with AWS CloudHSM.

Bouncy Castle Upgraded to Latest Version

Bouncy Castle is upgraded to version 1.71.

OpenPDF Upgraded to Latest Version

OpenPDF is upgraded to version 1.3.28.

Upgrade Information

Review the SignServer Upgrade Notes for important information about this release. For upgrade instructions, see Upgrade SignServer.

SignServer 5.9.1 is included in SignServer Hardware Appliance 3.9.6 and SignServer Cloud 1.11.1.

Change Log: Resolved Issues

For full details of fixed bugs and implemented features in SignServer 5.9.1, refer to our Jira Issue Tracker.

Issues Resolved in 5.9.1