New Authorizer component for logging cookies from the request

Improvements to startup scripts

While SignServer still requires Java 7 or 8, the Client command line interface (SignClient) can now additionally also be run on Java 11.

Error handling improvements

New authorizer for logging cookies from the request

Performance test CLI now uses SHA-256 for the time-stamp request

Support for on-demand generated one-time keys with short-lived certificates issued from EJBCA.

12 other minor improvements

Time-stamp hash algorithm used by XAdESSigner should be configurable

Error with MSI signing when certificate not installed in token

OCSP validator failed with external OCSP responder

Admin GUI download bundle failed to start

7 other bug fixes

Sensitive information masked in status output, configuration and logs.

New possibility to easily select 'all' in the tables.

Improved certificate export page.

Character encoding handled correctly when importing configuration.

A number of other minor bug fixes or improvements.

Key usage counter disabled by default in sample configuration files.

Fixed typos in sample configuration files.

Sample Systemd service file added.

Fixed deployment issue with Ant version 1.10.2.

CLI scripts for Windows updated or added were missing.

Fixed regression with key usage counter and signer validity checks in some situations.

Tokens are verified after signing to ensure the right key/certificate is used.

Improved error reporting in TimeMonitor when an incorrect time server is configured.

TimeMonitor now picks the results chosen by ntpdate when multiple are available.

Removed redundant 'Accuracy' field in the SignClient output.

Fixed error message in SignClient when file type could not be determined.

SignClient in client-side mode now properly refuses already Authenticode signed files.

SignClient Server Failover and Loadbalancing

Strong Algorithms by Default

Key Wrapping (limited support)

New Alternative PKCS#11 Provider (experimental)

Utimaco HSM in FIPS Mode Support

Regression Worker lockup under high load when database interactions was configured.

SOD Signer was not including NULL parameter for RSASSA-PKCS1 signature as required by ICAO.

Signing is no longer initialized if it is going to be refused in TimeStampSigner.

Signing is no longer initialized if it is going to be refused in MasterListSigner.

An out of memory issue in the the database CLI command was fixed.

Use a signature algorithm supported by HSM for test signing

Tested with WildFly 10, JBoss EAP 7 and Java 8

Performance test tool included in Client CLI download bundle

Documentation improvements

9 other features or improvements

SignClient on Windows was missing some new enterprise features

Error after importing certificate using explicit ECC parameters

Issuer DN issue in Admin Web when importing admin certificate

Issuer DN not displayed for authorized clients in Admin Web

Exception on empty CRL in PDF signer

18 other bug fixes

Rekeying from EJBCA using Peer Connectors.

Client-side hashing for Authenticode and JAR signing.

Bouncy Castle and CESeCore libraries updated.

Fixed translation issues.

New PrimeKey logos.

Authenticode signing with client-side hashing.

JAR signing with client-side hashing.

One issue with duplicated signature names fixed for JAR signing.

One issue with SignClient exit code fixed.

Legacy option to encode the time-stamp tokens as before Bouncy Castle 1.50.

Legacy option to not include the RFC#6211 cmsAlgorithmProtection attribute in the token.

Issue with PDF version if digest specified as SHA-256 instead of SHA256 resolved. Fix contributed by Aziz Göktepe.

A number of translation issues fixed.

There was 7 issues fixed.

A brand new administration web interface.

Support for signing Windows Installer (MSI) packages.

Support for hashing on the client side for CMS/PKCS#7 detached signatures.

Added MSI signing support.

Performance: Option to disable request hashing in the Plain Signer.

Adapted CMS Signer to be suitable for signing ICAO Deviation Lists.

Added sample init.d script for running the SignServer TimeMonitor.

Restructured and improved documentation.

Improved Javadoc for the AdminWS and ClientWS interfaces.

Further security hardening of the web applications including Content Security Policy headers and HttpOnly cookie protection.

Removed a potential cross site scripting vulnerability on the public web only affecting a set up with the TimeMonitorManager and normally restricted to authenticated users only.

Libraries has been upgraded.

There was 16 issues fixed.

Support for configurable content OID in CMS signatures

Support for DER encoding of CMS signatures

Master list signer was only working with certificate installed in token

Issues with PDF permissions when PDF version gets upgraded

Regression: TimeMonitor manual was not available in the SignServer manual

Support for RFC 3161 timestamps in the Authenticode signer

Ability to download integration CLI in the same way as the Admin GUI

Performance improvements

Additional PKCS#11 library definitions

Make inclusion of IssuerSerial in SigningCertificate in Time-stamp tokens optional

Security hardening

A security issue

ClassCastException trying to test key from Admin GUI running against local SignServer instance

EchoWorker not working

Web service interface not working from client CLI distribution

Incorrect documentation for DispatchedAuthorizer

Fixes in SQL create scripts

Wrong icon for crypto workers in admin GUI

Support for large files (Enterprise Edition)

Major internal library updates such as CESeCore 6.4 and BouncyCastle 1.53

Build system changed from Ant to Maven

Many internal API improvements

Support for RFC 5816 time-stamps

Initial Payara 4.1 support

Bug in BouncyCastle related to extensions in time-stamps

ClientWS interface did not handle X-Forwarded-For header

Fixed spelling typos

Fixed unit tests not running automatically

Fixed stylesheet on public web pages

Support for qcStatements extension for Qualified Electronic Time-stamps

More reliable calculation of free memory in Health Check

Fixed issue with PostgreSQL

Fixed archive querying when running the GUI locally

Fixed possible deadlock when running XML validator under high load

A few documentation and sample configuration fixes

Performance: Cache key option now improves performance with network HSM

Performance: The response time is improved on some systems

Java code signing support (including Android).

Support for key generation with custom RSA public exponent.

Support for large files in Client CLI.

Minor performance improvements.

Improved output from Client CLI.

MRTD signing interface improvements (ePassport).

Administration GUI improvements.

Improved language in the manuals.

Security issue in Commons Collections library.

Regression: Renewing keys for multiple workers at once did not fully work in the Administration GUI.

Bin folder can not be put in the PATH environment variable.

Username/password not accepted if client certificate presented.

The FirstActiveDispatcher logs using the dispatchees fields.

24 other bug fixes.

Indivual keys. Key aliases in crypto tokens can be selected by workers at run-time based on the incoming request using the new AliasSelector interface. An implementation selecting aliases based on the authenticated user of the request is included.

Crypto token operations in the administration GUI no requires clicking outside of the last edited input field to be able to perform the action (i.e. when generating keys).

Authenticode signer for portable executables (enterprise edition only).

CSCA Master List Signer (enterprise edition only).

Signer that produces plain signatures.

Configurable maximum upload limit.

Key test results now displays correctly in audit log.

Database tables now only listed once during deployment.

Soft keys are now also removed directly from memory.

JBoss config folder directory corrected in installation instructions.

Dispatchers status page now lists configuration errors.

Security issue in XML workers

Regression: Menu command for activating workers not working properly in GUI

Honouring rate limiting messages in TimeMonitor

Updated list of 3rd party dependencies and licenses

Added detached signature option to CMSSigner (contributed by Pablo Ruiz García)

Better documentation about how to specify issuer DN for clients and webservice administrators

Issued timestamping certificates for sample soft keystores

Fixed KeyStoreCryptoToken to initialize key usage counter when no password is specified in configuration

Fixed a regression when ACCEPTEDEXTENSIONS was empty

Fixed EJB CLI/GUI access with JBoss AS 7 in Windows

Fixed an issue where timestamp responses where double base64-encoded in the log

Timestamp and MS authenticode timestamp signer will now check that there is only one extended key usage (timeStamping) set at configuration time instead of failing just at runtime

Serial numbers for administrators and clients can be entered with leading zeros and in either case for hexadecimal letters

Fixed an issue where installed certificate does not override certificate in keystore

Fixed adding authorized WS client in GUI from certificate file

Fixed an issue where issuer DN contains characters that needs escaping

Independent worker and crypto token configuration

Querying of database archive from WS and GUI

Support for specifying HSM slot by label

HSM keep alive service

Underlying CESeCore library upgraded

Separation between community and enterprise editions

New application: SignServer TimeMonitor (enterprise edition only)

Fixed an error when querying the audit log without any conditions

Removed a duplicated invocation in the Admin GUI

Support for SHA-2 hash algorithms in PDFSigner

Support for using the worker servlet when running the stress test tool

Checksums using SHA256 are now available for the releases

System tests now set up trust stores in case HTTPS is used

System tests are now included in the binary distribution

Apache Santuario (XML Security) library has been updated to version 1.5.7

An XML signer performance regression has been fixed by a dependency update

PDF and XAdES signers caused deadlocks under high load when using a local TSA

Audit log errors are now displayed in the Admin GUI

An environment variable is now honored in the signserver-db script again

Ant target for copying modules was not working for custom sub modules

Added note about AdminGUI login issues with smartcard if the path to DLL contains parenthesis.

Support for passing request meta data

Support for configuring number of certificates to include in signature

API for billing/accounting

Command to print time-stamp requests and responses

Improved error reporting for crypto tokens and RenewalWorker

Improved ability to have custom modules

Updated sample PKCS#11 attributes to not store the public key

Documentation for MRTDSODSigner

Made all Dispatchers work together with DispatchedAuthorizer

Added test configuration files and performance CLI to binary distribution

Improved system test configuration options

Always display connect dialog when starting the AdminGUI

Added getproperty command to AdminCLI

Support for setting PKCS#11 attributes without referencing a file

Support for generating keys for JKS soft crypto tokens

Fixed AdminGUI smart card login failure on second attempt

Implemented workaround for smart card login error when multiple readers are available for which some does not have tokens present

Fixed a deployment issue with Clover

Fixed proper exist codes from Ant wrapper script

Fixed issue in AdminGUI when adding workers in a specific way

Fixed a possible networking issue with the time-stamp client

Corrected an error message in RenewalWorker

Fixed an issue when running client CLI over ClientWS with debug enabled

Fixed main class attribute in SignServer-Test-Performance.jar

Fixed an issue with a button in AdminGUI not being initially disabled

Fixed arguments parsing in the renewsigner command and added missing authcode argument

Support for JBoss AS 7.1, JBoss EAP 6.1 and GlassFish 3.1.

Support for MariaDB.

Support for JDK 7.

All worker configuration can now be done from the Admin GUI.

Document signer for XAdES-BES and XAdES-T contributed by Luis Maia.

Document validator for XAdES-BES and XAdES-T.

Support for different signature algorithms in XML signers.

Various AdminGUI/remote administration improvements.

Empty certificate chain in setproperties call gave error.

Regression introduced in 3.4.2: test signatures were not performed as part of the getstatus command or from health check

Security issue in bundled library

Uses PKCS11CryptoToken from CESeCore

Support for starting audit log verification from a specified sequence number

Option to archive all X-Forwarded-For addresses

Option to include the ordering field in time-stamp tokens even if it has value false

Option to not include the signingTime CMS attribute in time-stamp signer

Option to cache PKCS#11 key reference to increase performance

Includes IssuerSerial in the SigningCertificate attribute in time-stamp signer

HSM auto activation was not working when signed audit log was used

Key generation was not working with slotListIndex

ClientCLI over web services was not working unless includemodulesinbuild specified

Added support for IPv6 and multiple proxies in ListBasedAddressAuthorizer.

Support for specifying the signature algorithm in CMS signer.

Support for the signerCertificate attribute in the MS Authenticode time stamp signer.

Support for generating CSR with EDSA explicit parameters in the admin GUI and the RenewalWorker.

Log worker name in the worker log.

Easy import of issuer and serial number from certificate in admin GUI, when adding administrator rules.

Added an option to set the correct TSA name from the subject DN automatically for the time stamp signer.

All workers report themselves as offline when misconfigured.

Added health check rate limiter.

Added database setup scripts for PostgreSQL.

ContentInfo contained a double encoded octet string in the MS Authenticode time stamp signer.

Unauthorized health check queries incorrectly logged.

Secure logging to database using CESeCore.

Support for querying audit log from CLI, GUI and web services.

Configurable which Status Repository updates to log.

Access group for auditors.

Database CLI for verifying audit log.

Support for PostgreSQL.

Fixed a couple of NPE bugs.

Fixed logging in over webservices using a JKS keystore in the Admin GUI.

Fixed some randomly failing unit tests.

Other minor bugfixes.

New client web services API

MS Authenticode time-stamp signer

Support for archiving of time-stamp requests

Logging of all changes to service components

Stress test tool for measuring performance

Dropped support for JBoss 4.2.x.

Dropped support for cluster class loader

Dropped support for WSRA

Upgrade of internal cryptographic library

Many more minor improvements

Fixed the Renewal worker which required a trust store password even when a trust store was not used

Fixed an NPE when trying to activate a worker of type Dispatcher

Fixed archiving that could not be done twice for the same document

Fixed printing of server version from CLI

Fixed system tests that could not be compiled after opening the project with NetBeans IDE 7.2

Fixed StatusPropertiesWorker so that it no longer requires a cryptotoken to be configured

Fixed Address Authorizers to return HTTP 403 (forbidden) and not HTTP 401 (unauthorized) as before.

Installation script contributed by Antoine Louiset

Add test cases for TimeStampSigner with other key algorithms than RSA

Improved feature list at signserver.org

Using worker id does not work in Client CLI

JBoss 5 throws NPE on shutdown of SignServer

Renewal worker does not use the requested DN in certificate request

StatusPropertiesWorker requires a cryptotoken to be configured

Support for SignServer without database

Configurable to disable the key usage counter

Signer certificate check in Health check for all Signers

Check that the timestamp signer certificate is included in the certificate chain

Health check response of TimeStampSigner now considers status of time source

Down-for-maintenance support in Health check

Support for supplying filename as request metadata

Client CLI only supported 10 arguments on Windows

Null value was inserted when removing last wsadmin on Oracle

PDF Signature could not be larger than 15000 bytes

Sample configuration for renewal worker not functional

Various documentation updates.

Support for denying timestamp requests unless the time source is considered in sync

Support for dispatching timestamp requests to different timestamp units/signers

Support for accessing workers using the /worker/* URL pattern gives easier filtering with a proxy

Signer's status report can now be offered by a worker and not just a timed service

The log field PROCESS_SUCCESS can now have the value "false" if a request failed

Hostname displayed in title bar of AdminGUI simplifies when managing multiple servers

Build failure on W7 X64

Sample code using web services should use HTTPS

URL for documentation only working with JBoss 4.

Improve servlet error handling

Deploy documentation with application

Improved API for archiving

Support for signing PDFs with document restrictions

Support for PDF permissions enforcement

Support for modifying PDF permissions

Support for setting a PDF permissions password

Refuse to certify PDFs already certified and refuse to sign when signing is not allowed

Remote EJB worker interface could not be used with ECC with explicit parameters

Warnings printed on STDERR

Web service interface did not log XFORWARDEDFOR headers

Typo in sample configuration for PDFSigner

Setting healthcheck properties had no effect

CRL download should close streams correctly and allow for caching

Supplied username and password ignored in SigningAndValidationWS

Unit tests failed in certain situations

Ant target for testing individual tests did not work

Switching application server type did not update jndi.properties

JavaDoc failed to build.

Administration Web Service (WS) interface

Administration GUI desktop application

Client command line interface (CLI)

Support for GlassFish Server 2.1.1

Support for JBoss Application Server 5.1.0

Support for Oracle Database

Semi-automatic key generation and certificate renewal from EJBCA

Improved audit and transaction logging

Improved project structure dividing the modules in sub-projects

Front page listing all demo web pages

Web services no longer work on JBoss 4 if HTTPS is not used as JBoss 4 rewrites the end point URL in the WSDL file to always start with "https://" (since DSS-327).

Support for HTTPS in the SigningAndValidation API

Harden the PDF Signer against PDF signature collisions

Function in the build script for create source-only release archives

Problem in a unit test for certain dates

NPE in TimeStampSigner if certificate is missing