CZERTAINLY-Core-2.13.1

What's Changed

Enhancements 🛠

• Add Subject type property to certificate and add filter for it by @klaraf755 in #860

Bug Fixes 🔩

• Fix filtering on attributes of non string content types by @lubomirw in #857
• Fix editing of scheduled job CRON expression and return correct response by @lubomirw in #870
• Fix transaction handling in scheduled discoveries process by @lubomirw in #871
• Register metadata content for discovered certificates before its processing by @lubomirw in #875
• Fix bulk removal of certificate owner by @klaraf755 in #876
• Fix ACME finding an account URL given a key by @3keyroman in #880

Other 🗄

• Update dependency io.opentelemetry:opentelemetry-bom to v1.42.1 by @renovate in #832
• Update dependency io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom to v2.8.0 by @renovate in #863

Full Changelog: 2.13.0...2.13.1

CZERTAINLY-Core-2.13.0

What's Changed

New Features 🦾

• Implementation of CMPv2 protocol for certificate management by @3keyroman in #721

Enhancements 🛠

• Migrate to SpringBoot 3.3.x + Java 21 and update related dependencies by @3keyroman in #775
• Improve performance of audit log purge by @klaraf755 in #781
• Link protocol information and certificate that was issued and managed through the protocol by @klaraf755 in #776
• Update OpenTelemetry dependencies and tracing by @3keyroman in #791
• Implement editing of CRON expression of scheduled job by @klaraf755 in #788
• Improve performance of dashboard statistics calculation by @lubomirw in #799
• Calculate certificate statistics parallely to improve dashboard response time by @lubomirw in #800
• Remove join fetch associations in certificates and keys inventory to avoid in memory pagination by @lubomirw in #801
• Add certificate validity period dates to certificate status changed notification data by @klaraf755 in #787
• Add foreign key cascade for CRL CA certificate by @klaraf755 in #810
• Handle discovered certificates in parallel batches in separate transaction with reported progress by @lubomirw in #815
• Update default value for maximum pool size for DB connections by @lubomirw in #816
• Handle bulk validation of certificates in separate queue by @lubomirw in #820
• Make bulk delete of discoveries async operation by @klaraf755 in #823
• Handle validation of issued certificate after process from separate queue by @lubomirw in #836
• Add info endpoint to provide information about CZERTAINLY application by @klaraf755 in #839

Bug Fixes 🔩

• Fix serialization/deserialization of JSONB entity column defined as Object type by @lubomirw in #782
• Fix incorrect Failed execution status of scheduled discovery job by @lubomirw in #807
• Fix processing of discovery in transaction by @3keyroman in #797
• Prevent using file system when downloading certificate from AIA URL by @lubomirw in #808
• Fix toString() method of SecuredUuid to handle null UUID value by @lubomirw in #817
• Fix filtering of objects by access control based on owner association by @lubomirw in #821
• Fix mismatch between Total Certificates Discovered and content of List of Certificates by @klaraf755 in #822
• Add unique constraint to certificate fingerprint and CRL issuer to prevent duplicate certificates and CRLs by @klaraf755 in #827
• Fix credential listing in callback throwing 404 instead of empty list by @lubomirw in #837
• Fix and refactor inventory items filtering by @lubomirw in #840
• Fix rules evaluation of triggers with no rules by @lubomirw in #841

Other 🗄

• Implement CMP Profile management by @3keyroman in #767
• Update dependency com.microsoft.azure:msal4j to v1.16.2 by @renovate in #658
• Split discovery status and certificate discovered count to differentiate result of connector and Core by @klaraf755 in #834
• Update dependencies minor versions by @lubomirw in #843
• Fix bugs reported by SonarQube by @klaraf755 in #848

Full Changelog: 2.12.0...2.13.0

CZERTAINLY-Core-2.12.0

What's Changed

New Features 🦾

• Initial support for OpenTelemetry SDK by @3keyroman in #662
• Implement management of rules and their evaluation check by @klaraf755 in #659
• Implement Attribute Engine layer to manage and validate connector attributes by @lubomirw in #670
• Add filtering on data attributes by @lubomirw in #672
• Add replace content property to metadata attribute definition to replace content for object instead of appending by @lubomirw in #675
• Implement discovery rules and their matching on discovered certificates by @klaraf755 in #697
• Add support for CRMF format of certificate request by @klaraf755 in #704
• Allow objects access based on groups membership and owner by @lubomirw in #726

Enhancements 🛠

• Implement bulk operations on internal notifications by @klaraf755 in #651
• Remove not null constraint for common name in request by @3keyroman in #665
• Refactor ACME service by @3keyroman in #664
• Allow object access level permissions for custom attributes by @lubomirw in #688
• Add resource listing and update event listing response by @lubomirw in #711
• Allow assigning multiple groups to certificate, keys and users by @lubomirw in #718
• Add support for certificates with LDAP protocol by @klaraf755 in #744
• Handle discovered certificates in separate transactions by @lubomirw in #749
• Add fetching required associations in listings queries to improve performance by @lubomirw in #754
• Support list property in attribute filter fields to allow choosing from content items by @lubomirw in #757

Bug Fixes 🔩

• Fix validation when setting content of custom attributes not associated with subject resource by @lubomirw in #649
• Fix storing content of custom attributes when creating new user by @lubomirw in #650
• Fix transaction in ACME finalizeOrder by @3keyroman in #661
• Remove empty attribute content items and add validation to prevent storing them by @lubomirw in #698
• Fix delete of discovery that has certificate referenced in other discoveries by @lubomirw in #722
• Fix filtering when filter condition does not have entered value by @lubomirw in #723
• Fix lazy loading of certificate content by @3keyroman in #727
• Fix SCEP context URL in RA Profile by @3keyroman in #732
• Fix removing CA certificate from inventory when referred from stored CRL by @klaraf755 in #730
• Fix certificate chain validation check to include check for CA flag when certificate is self-signed by @klaraf755 in #734
• Fix wrong datetime in certificate history by changing timestamp property to include time zone by @klaraf755 in #737
• Fix updating definitions of custom attributes and global metadata by @lubomirw in #753
• Make bulk delete certificates operation transactional per certificate by @lubomirw in #759

Other 🗄

• Update OTEL dependencies by @3keyroman in #677
• Improve downloading from LDAP by @3keyroman in #750

Full Changelog: 2.11.0...2.12.0

CZERTAINLY-Core-2.11.0

What's Changed

New Features 🦾

• Add an option to mark CA certificate as trusted by @klaraf755 in #600
• Implement retrieving certificates of authority belonging to RA profile by @klaraf755 in #626
• Optimize certificate revocation check by processing and storing CA CRLs by @klaraf755 in #638

Enhancements 🛠

• Format timestamp suffix of created scheduled discovery name by @klaraf755 in #613
• Get certificate content in specified format and encoding by @klaraf755 in #619
• Allow removing certificate Owner, Group and RA profile by @lubomirw in #634
• Create already enabled key by specifying enabled property in request by @lubomirw in #643

Bug Fixes 🔩

• Remove duplicate event and notification producing when validating certificates by scheduled job by @lubomirw in #616
• Fix checking compliance of not checked certificates by scheduled job by @lubomirw in #617
• Do not change validation status to revoked when certificate is revoked by user by @lubomirw in #621
• Prevent infinite loop when iterating through discovered certificates by @lubomirw in #631
• Fix callback when attribute with callback is part of group attributes by @lubomirw in #635
• Fix validation when adding read only custom attribute to resource by @lubomirw in #636
• Fix missing status attribute when updating entity by @3keyroman in #642
• Fix sending internal and external notifications for group recipient by @lubomirw in #644

Other 🗄

• Update dependency com.microsoft.azure:msal4j to v1.14.2 by @renovate in #623

Full Changelog: 2.10.0...2.11.0

CZERTAINLY-Core-2.10.0

What's Changed

New Features 🦾

• Add endpoint to download certificate chain in specified format by @klaraf755 in #572
• Replace certificate status with certificate state and validation status by @lubomirw in #587
• Change switching RA profile to be allowed only when certificate is identified by new authority by @lubomirw in #595

Enhancements 🛠

• Refactor constructing certificate chain and link certificate to its issuer by @klaraf755 in #565
• Refactor certificate validation and add new validation checks by @lubomirw in #573
• Add custom X500NameStyle to format and normalize Subject Distinguished Names by @klaraf755 in #589
• Change owner of key to user reference by @klaraf755 in #607

Bug Fixes 🔩

• Fix slow performance of search filters by @lubomirw in #575
• Allow delete location even when contains certificates by @lubomirw in #579
• Fix parsing of uploaded certificate and handle unsupported format by @lubomirw in #598
• Fix parsing certificate and certificate request SANs by @lubomirw in #601
• Add missing listing of SCEP profiles for object level access control by @lubomirw in #606
• Fix ACME finalize order to reflect async issuance process by @lubomirw in #609

Other 🗄

• Change request method interceptor logs and authentication flow logs to Trace level by @lubomirw in #599
• Update dependency org.testcontainers:postgresql to v1.19.2 by @renovate in #596
• Update dependency com.microsoft.azure:msal4j to v1.14.0 by @renovate in #586
• Update eclipse-temurin Docker tag to v17.0.9_9-jre-alpine by @renovate in #588
• Update maven Docker tag to v3.9.5 by @renovate in #584

Full Changelog: 2.9.0...2.10.0

CZERTAINLY-Core-2.9.0

What's Changed

New Features 🦾

• Separate certificate requests from certificates by @moro-lukasrejha in #481
• Implement management of approval profiles by @moro-lukasrejha in #491
• Implement internal notifications in Core by @dmaixner-moro in #494
• Implement approvals and approval flow based on approval profile configuration by @moro-lukasrejha in #502
• Assigning approval profile to RA profile by @moro-lukasrejha in #507
• Implement management of notification instances by @dmaixner-moro in #508
• Orchestration of approval flow and its integration to certificate actions by @moro-lukasrejha in #509
• Add notifications settings by @klaraf755 in #512
• External notifications integration by @klaraf755 in #521

Enhancements 🛠

• Change owner of certificate to user reference by @dmaixner-moro in #434
• Add email to group and implement assigning users to group by @dmaixner-moro in #455
• Allow actuator health endpoint requests without authentication by @moro-lukasrejha in #457
• Add certificate property filter to search for certificates that have associated private key by @moro-lukasrejha in #483
• Link renewed/rekeyed certificate to its source certificate by @dmaixner-moro in #484
• Add issue and revoke attributes to certificate by @dmaixner-moro in #486
• Update implementation of PQC algorithms by @3keyroman in #498
• Add notification provider function group and endpoints by @3keyroman in #515
• Add migration to update ACME and SCEP role certificate permissions by @lubomirw in #522
• Add automatic check for approvals expiration by @lubomirw in #525
• Fix loading of lazy relations for ACME entities by @3keyroman in #531
• Update CertificateRevocationReason enum handling by @lubomirw in #532
• Handle Rejected certificate status in certificate operations by @lubomirw in #542
• Send internal notifications when bulk delete certificate fails and discovery completes by @lubomirw in #550
• Update test to use random wiremock port by @3keyroman in #553
• Notify when certificate status change to any status by @lubomirw in #555

Bug Fixes 🔩

• Add resource callback for locations by @lubomirw in #463
• Fix discovery certificate pagination by @lubomirw in #492
• Fix SCEP service pkiOperation to accept request message of type CertPoll and RenewalReq by @lubomirw in #545
• Fix search when user has object access restricted permissions by @lubomirw in #554

Other 🗄

• Update configuration of messaging host by @3keyroman in #459
• Add RabbitMQ virtual host configuration by @3keyroman in #461

New Contributors

• @klaraf755 made their first contribution in #512

Full Changelog: 2.8.1...2.9.0

CZERTAINLY-Core-2.8.1

What's Changed

Bug Fixes 🔩

• Fix pagination of discovered certificates by @lubomirw in #493
• Add resource callback for locations by @lubomirw in #463

Full Changelog: 2.8.0...2.8.1

CZERTAINLY-Core-2.8.0

What's Changed

New Features 🦾

• SCEP Protocol Implementation by @3KeyPradeep in #353
• Add support for integration with MS Intune by @3keyroman in #362

Enhancements 🛠

• Add search filters to discoveries inventory with support for pagination by @moro-lukasrejha in #361
• Add search filters to entities and locations inventory with support for pagination by @moro-lukasrejha in #364
• Refactor and unite structure of platform enums by @lubomirw in #375
• Fix changing state of keys and key items to respect key state model by @dmaixner-moro in #428
• Add validation for ACME and SCEP profile name to contain only URL safe characters by @moro-lukasrejha in #438

Bug Fixes 🔩

• Fix getting SAN from request by @3keyroman in #390
• Fix delete certificate without content by @dmaixner-moro in #394
• Fix metadata of issued certificate stating connector Unknown by @moro-lukasrejha in #396
• Filter invalid key usages for key based on key algorithm by @dmaixner-moro in #397
• Deleting key deletes key also from cryptography provider by @dmaixner-moro in #422
• Add multidomain validation support to ACME by @3keyroman in #429
• Fix syncing certificates of location metadata returned from unknown connector by @moro-lukasrejha in #439
• Resolve SonarQube issues by @moro-lukasrejha in #448
• Fix Audit logs pagination to return total items count by @dmaixner-moro in #447

New Contributors

• @dmaixner-moro made their first contribution in #380
• @renovate made their first contribution in #403

Full Changelog: 2.7.1...2.8.0

CZERTAINLY-Core-2.7.1

This is hotfix release. Updated interfaces version.

Full Changelog: 2.7.0...2.7.1

CZERTAINLY-Core-2.7.0

What's Changed

New Features 🦾

• Implement platform settings management operations by @lubomirw in #314
• Create CSR without issuing the certificate and support certificate with New status by @3KeyPradeep in #338
• Searching and filtering on metadata and custom attributes by @moro-lukasrejha in #341

Enhancements 🛠

• Update compliance check status on certificates when compliance profile updates by @3KeyPradeep in #309
• Change certificates filtering based on cryptographic keys filtering by @moro-lukasrejha in #313
• Implement categorization of discovery certificates based on its existence in inventory by @3KeyPradeep in #318
• Enable springboot actuator for health monitoring by @3KeyPradeep in #320
• Implement user identification based on authentication data by @3KeyPradeep in #346

Bug Fixes 🔩

• Fix ACME revoke certificate reason code handling by @3keyroman in #312
• Add missing object access control for tokens and token profiles by @3KeyPradeep in #321
• Fix not storing content of global metadata when not defined in Core by @lubomirw in #337

Full Changelog: 2.6.0...2.7.0