Release note Certificate Manager 8.4.1
Version: 8.4.1
Release Date: 2021-11-03
Certificate Manager 8.4.1 replaces Certificate Manager 8.4.
Main new features
Certificate provisioning for ETSI Intelligent Transportation System Stations
Protocol Gateway now supports ITS-Station requests for retrieval of Enrollment Credentials and Authorization Tickets in accordance with ETSI 102 941 v1.4.1. See itss.properties in Configuration files in Protocol Gateway.
Add ACME account email to certificates
A new option is now available to add the ACME account email to the acme produced certificates. See new parameter 'addAccountContactEmail' in acme.properties.
WinEP Enroll On Behalf Of (EOBO)
Protocol Gateway and WinEP now supports EOBO requests. See Enroll on behalf of in WinEP.
Changed functionality
ACME domain name restrictions reduced
The domain name restrictions applied to requests through ACME has been lessened to support single character domain names and domain names containing hyphens (-).
Corrected problems
CM client pin cache bug
A bug in CM 8.4 clients lead to caching of signer pin for an officer token, resulting in signing operations could be performed without entering the token pin.
HSM keys with long keyid
Fixed an issue where HSM hosted keys of long key id's where not correctly identified and handled by CF and AWB.
Fixed broken TLSv1.3 with RSA in Java 11.0.12
Java 11.0.12 altered the way TLSv1.3 works with RSASSA-PSS based TLS certificates, which also affected regular RSA based TLS certificates.
CA formats could not be edited in the AWB
Fixed an issue where CA formats could not be altered using the advanced button for a chosen certificate format in the AWB.
Problem in AWB displaying historic officer signatures
Information related to very old officers objects failed to be correctly displayed in the officer signatures section when signing AWB objects.
Fixed an error when specifying Certificate Procedure in CM-SDK requests
If a Certificate Procedure was specified in a CM-SDK request instead of a Token procedure, it resulted in a null pointer exception.
IETF leap-seconds list hash calculation
Fixed an issue where the hash calculation and subsequent verification failed when verifying the IETF leap-seconds list.
Detailed feature list
For a detailed overview of changed functionality, deprecated functions and corrected problems, see Release.txt which is provided with the installation media.
Contact
Contact Information
For information regarding support, training and other services in your area, please visit our website at www.nexusgroup.com/.
Support
Nexus offers maintenance and support services for Nexus Certificate Manager to customers and partners. For more information, please refer to the Nexus Technical Support at www.nexusgroup.com/support/, or contact your local sales representative.