CHANGES.txt
2.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
0.9.3 (2018-09-21)
==================
* Add support for listening to multiple specific addresses in caucased.
* shell implementation does not rely on an external file anymore.
* Do not start listening on https port before wrapping sockets with an ssl context
* Make caucase-updater usable by anonymous services (ex: they only need to connect to a caucase-certified service, without authenticating themselves using caucase)
* Use stricter file permissions for caucased sqlite database.
* Include caucase version in user agent header.
* Make caucased logging format more similar to apache's default.
* Fix caucased https certificate renewal. Fixes a crash which happens every 2 months.
* Make caucase-updater retry on network errors. Fixes crashes on transient network error.
0.9.2 (2017-11-03)
==================
* Add support for migrating an existing CA to caucase: import CA cert and CRLs.
* Require CRL signature checks (bumps cryptography module version requirements).
* Provide CRL distribution point extension in CA certificates.
* Play nicer with http:
* Catch more errors to provide nice status codes
* Add support for "Transfer-Encoding: chunked"
* Add support for "Expect: 100-continue"
* Produce TLS-compliant certificates (domain name must be in an alternative name extension, subject is not enough).
* Reduce speed requirements in tests.
* Add shell implementation of "caucase" command.
* Certificate renewal bypasses pending CSR limits.
* caucase-manage: new command for offline database maintenance.
0.9.1 (2017-09-21)
==================
* Documentation improvements
* Packaging improvements
0.9.0 (2017-08-02)
==================
* implement the "cau" half of "caucase"
* massive rework: removal of flask dependency, removal of HTML UI, rework of
the REST API, rework of the CLI tools, rework of the WGSI application,
incomatible redesign of the database.
0.1.4 (2017-07-21)
==================
* caucase web parameter 'auto-sign-csr-amount' can be used to set how many csr must be signed automatically.
0.1.3 (2017-06-30)
==================
* add support for backup caucase database to cli
* serial is a random unique formatted hexadecimal number get from the csr_id
* allow to set custom subject (X509Name) when signing a certificate
* add new cliweb command which when required will download/update crl file from caucase web
0.1.2 (2017-05-12)
==================
* cliweb: renew now takes threshold option to check if renew is required and optional on-renew script to run after certificate renewal
0.1.1 (2017-04-27)
==================
* initial implementation of certificate authority