Skip to main content
Skip table of contents

EJBCA 7.12.0.3 Release Notes

OCTOBER 2023

This maintenance release includes important corrections and additional improvements for EJBCA 7.x customers. All EJBCA 7 customers are advised to upgrade to EJBCA 8.

This release also resolves a security authentication issue (ECA-11478) discovered in EJBCA 7.12.0 that allowed the EJBCA RA user interface certificate distribution servlet to allow partial denial of service. This issue is rated as medium severity and has been assigned CVE-2023-34196. It is recommended that customers upgrade to EJBCA 8 in order to resolve the issue. While EJBCA 7 is still supported, customers may choose to upgrade to EJBCA 7.12.0.3 as an intermediate step.

Upgrade Information

As a maintenance release, the upgrade procedure is the same as for EJBCA 7.12.

For information on upgrading to EJBCA 8, see the EJBCA Upgrade Notes. For upgrade instructions and information on upgrade paths, see Upgrading EJBCA.

Change Log: Resolved Issues

Issues Resolved in 7.12.0.3

Released October 2023

New Features

ECA-11876 - SOAP WS API: Support more fields when creating CAs

Improvement

ECA-11852 - Upgrade JackNJI11 to improve error handling in FindObjects and work with cloudHSM with more than 1024 key pairs

Bug Fixes

ECA-11599 - Rest Endenityv1 not working on 7.12 RA + 7.10 CA

ECA-11721 - CA revocation revokes expired certificates

ECA-11744 - Wrong timezone is used for CT log sharding

Issues Resolved in 7.12.0.2

EJBCA 7.12.0.2 was an internal release, not generally available to customers

ECA-11478 - Security issue

ECA-11525 - Crypto tokens created using ejbca.sh do not autoactivate


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.