Skip to main content
Skip table of contents

SignServer 7.0 Release Notes

OCTOBER 2024

The SignServer team is pleased to announce the release of SignServer 7.0.

This release includes an upgrade to the entire technology stack of the application. The SignServer 7.0 release is exclusively available for software and container-based deployments. For available deployment options and associated versions, refer to Supported Versions.

Highlights

Upgraded Technology Stack

SignServer 7 introduces support for running on an upgraded technology stack. As of version 7.0, the deployment prerequisites now include WildFly 32 or JBoss EAP 8 as the supported application servers, and Java 17 as the required runtime environment. While Java 17 is required for this release, Java 21 is planned for a future releases.

Due to changes in recent WildFly versions and JBoss EAP 8, which are not backward compatible with WildFly 26 and JBoss 7.4, the upgrade from SignServer 6.3 to SignServer 7 requires a complete technology stack upgrade.

Announcements

Removal of DSA algorithm

Support for the DSA algorithm has been removed in SignServer 7.0, following its deprecation in SignServer 6.2. Users of this algorithm must migrate to other algorithms.

Removal of support for Java 11

Support for Java 11 has been removed as part of the migration to the upgraded technology stack released in 7.0. The minimum version of Java is now Java 17. This applies to both SignServer and SignClient.

Upgrade Information

Review the SignServer Upgrade Notes for important information about this release. For upgrade instructions, see Upgrade SignServer.

Change Log: Resolved Issues

The following lists implemented features and fixed issues in SignServer 7.0.

Issues Resolved in 7.0

Released October 2024

New Features

DSS-2786 Add Support for Thales DPOD when using P11NG

DSS-2800 Support for JBoss EAP 8 - Support for Jakarta EE 10

Improvements

DSS-1748 Test and Support SignServer with PostgreSQL 10+

DSS-2695 Upgrade to OpenPDF 1.3.34

DSS-2811 Drop support for DSA

DSS-2812 Upgrade x509-common-util and P11NG for 7.0

DSS-2814 PR #92 Update links in README etc

DSS-2815 Upgrade to Jakarta EE 10

DSS-2816 Upgrade sd-dss to 6.0

DSS-2817 Upgrade cesecore with support for Jakarta EE 10

DSS-2819 Patch commons-fileupload 1.5 to support Jakarta EE 10

DSS-2820 Upgrade REST Assured to 5.5.0

DSS-2821 Upgrade xmlsec to version 3.0.3

DSS-2822 Patch xades4j 2.2.1 to support Jakarta EE 10

DSS-2823 Upgrade guide to 7.0.0

DSS-2824 Upgrade apache cxf to version 4.0.4

DSS-2825 Upgrade jackson.core and jackson.module to 2.17.0

DSS-2826 Upgrade DeployTools to 2.3

DSS-2828 Upgrade to jakarta.jakartaee-api 10.0.0

DSS-2829 Upgrade jetty-util, jetty-io, jetty-http, and jetty-server to the same version and to work with Jakarta EE 10.

DSS-2833 Make SELFSIGNED_VALIDITY more robust

DSS-2834 Removed patched class after upgrade of OpenPDF

DSS-2836 Upgrade jacoco-maven-plugin to work with Java 17

DSS-2860 Drop support for Java 11

DSS-2867 Upgrade dependencies with reported vulnerable versions for 7.0

DSS-2869 Documentation: Clarify regarding masking of property value output in Admin CLI

DSS-2870 Add support for masking the output for getproperty and getconfig Admin CLI commands

DSS-2862 Changed the behavior of the SignServer Admin CLI when using the setproperty command to mask the PIN value

DSS-2791 Changed the behavior of the SignServer Admin CLI when using the setproperties command to mask the PIN value

Bug Fixes

DSS-2641 Authentication configuration not parsed properly when importing 2 or more workers

DSS-2773 JAR signature verification can fail after signing a jar file already signed by another tool

DSS-2780 Running admin CLI getstatus on a ZoneFileServerSideSigner gives exception

DSS-2784 Using large validity dates for self signed certificate is giving date in the past.

DSS-2796 JAR signature verification fails after signing a jar file already signed by another tool

DSS-2805 AdESSigner always checks revocation status of signer cert, even when NOCERTIFICATES=true is set

DSS-2808 Regression: P11NG: Key objects created when generating a wrapped key not explicitly removed

DSS-2818 Change in Java 17 breaks RenewalUtils.getRequestSignatureAlgorithm for EdDSA if a JCE cert is used

DSS-2830 Regression: Can not call RenewSignerBulkBean via JSF

DSS-2831 AdES Signer template can not be applied in AdminWeb

DSS-2832 Favicon not loading properly after JEE10 migration

DSS-2841 Regression: Can't add properties by clicking add in GUI

DSS-2850 Fix output of path to shortcut icon

DSS-2868 JSP error pages not loading different resources properly

DSS-2871 Regression: P11NG CryptoToken in web “RSA” shows as null

DSS-2872 Regression: "Missing key encoding" exception signing with XAdES Signer using PKCS#11

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close