![scep ra cisco ise 2.4 scep ra cisco ise 2.4](https://www.thesecurityblogger.com/wp-content/uploads/2012/08/Screen-Shot-2012-07-24-at-4.26.32-PM.png)
#SCEP RA CISCO ISE 2.4 UPGRADE#
Any existing extensions defined in the configuration files will automatically be added to existing OCSP keybinding configurations, but please read more about that and more in the EJBCA 6.12 Upgrade Notes.
![scep ra cisco ise 2.4 scep ra cisco ise 2.4](https://networkproguide.com/wp-content/uploads/cisco-ise-active-directory-join-successful.png)
The OCSP Extensions configuration is now configured in the UI instead of in the ocsp.properties configuration file, and is set up to act per keybinding.
#SCEP RA CISCO ISE 2.4 OFFLINE#
They're still available offline from within the doc folder in the release zip, but are now also published both online and deployed with EJBCA to the application server. Major changes to take notice to are that the Release Notes (this document), Change Log and Upgrade Notes have all been moved in here as well. We have shifted the documentation over to Confluence instead of the ancient xdoc format as a first step towards a far more organized, updated and user friendly documentation.
![scep ra cisco ise 2.4 scep ra cisco ise 2.4](https://networkproguide.com/wp-content/uploads/cisco-ise-domain-join-credentials.png)
The PrimeKey EJBCA team is pleased to announce the feature release EJBCA 6.12, and a small step but important step forward in the development of EJBCA. Microsoft Compatibility Mode is mutually exclusive with the use of Partitioned CRLs.įor more information about EJBCA's Microsoft Compatibility mode, see Microsoft Compatible CA Key Updates. It's not possible to switch between the two modes, so Microsoft Compatibility Mode must be enabled upon CA creation if required. Microsoft Compatibility mode comes with some caveats: OCSP responses will have different signing keys, depending on which generation of CA keys signed the relevant certificate. The CA will produce as many CRLs as there are generations of CA keys. The end result of Microsoft Compatibility mode is that: Likewise, OCSP responses are expected to be continued to be signed with an OCSP responder certificate signed by the original key pair. Instead, Microsoft environments expect each generation of CA key pairs to continue signing CRLs for those certificates which were issued by that particular key pair. The commonly expected behavior when a CA is rekeyed, is that all future CRLs and OCSP responder certificates are signed by the new key pair after the rollover. Microsoft Windows Compatible CA Key Updatesĭue to some differences in how Microsoft Windows handles CRLs, we've introduced a Microsoft Compatibility mode that changes the CA's behavior when the CA is rekeyed.
#SCEP RA CISCO ISE 2.4 FULL#
The EJBCA Release Notes also include a change log, listing all issues resolved in the release and a cross-reference to our JIRA Issue Tracker for full details on issues resolved in the release. The following lists release notes for all EJBCA versions released.įor information on features and improvements implemented per release, see the EJBCA Release Notes.