1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
2 .. http://creativecommons.org/licenses/by/4.0
3 .. Copyright 2020-2021 NOKIA
16 :Release Date: 2022-01-11
34 *Fixed Security Issues*
36 Vulnerability [CVE-2021-44228] Top up Apache log4j2 to 2.17.1
38 *Known Security Issues*
42 *Known Vulnerabilities in Used Modules*
64 :Release Date: 2021-07-22
68 Add certificate update use case (support for CMPv2 messages: Key Update Request and Certification Request).
82 *Fixed Security Issues*
86 *Known Security Issues*
90 *Known Vulnerabilities in Used Modules*
96 caMode is removed from cmpServers.json configuration file.
100 CertService client is not supported since Istanbul release.
112 :Release Date: 2021-01-27
120 Enhance CertServiceAPI response (include CMP server error messages).
121 Fix KeyUsage extension sent to CMPv2 server
131 *Fixed Security Issues*
135 *Known Security Issues*
139 *Known Vulnerabilities in Used Modules*
145 **Deprecation Notes**
153 :Release Date: 2020-12-28
161 Align Cert Service Api to RFC4210.
162 Fix Cert Service Client CA_NAME validation.
163 Fix Cert Service External Provider logging.
173 *Fixed Security Issues*
177 *Known Security Issues*
181 *Known Vulnerabilities in Used Modules*
187 **Deprecation Notes**
195 :Release Date: 2020-12-02
203 Fix NullPointerException in CertService Client when SANs environment variable is not defined.
213 *Fixed Security Issues*
217 *Known Security Issues*
221 *Known Vulnerabilities in Used Modules*
227 **Deprecation Notes**
235 :Release Date: 2020-12-01
239 * Extended CertService by support for new SANs types - IPs, E-mails, URIs
247 CertService Client exits unsuccessfully with code 99 when SANs environment variable is not defined, because of
254 *Fixed Security Issues*
258 *Known Security Issues*
262 *Known Vulnerabilities in Used Modules*
268 **Deprecation Notes**
280 * Added module **oom-certservice-k8s-external-provider** with following functionality:
282 An external provider is a part of PKI infrastructure. It consumes CertificateRequest CRD from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server.
284 More information can be found on dedicated `wiki page <https://wiki.onap.org/display/DW/CertService+and+K8s+Cert-Manager+integration>`_
298 *Fixed Security Issues*
302 *Known Security Issues*
306 *Known Vulnerabilities in Used Modules*
312 **Deprecation Notes**
328 * Added module **oom-certservice-post-processor** with following functionality:
330 * appending CMPv2 certificates to CertMan truststore
331 * replacing CertMan keystore with CMPv2 keystore
345 *Fixed Security Issues*
349 *Known Security Issues*
353 *Known Vulnerabilities in Used Modules*
359 **Deprecation Notes**
371 - The same functionality as in aaf-certservice 1.2.0
385 *Fixed Security Issues*
389 *Known Security Issues*
393 *Known Vulnerabilities in Used Modules*
399 **Deprecation Notes**
411 - Client creates subdirectories in given OUTPUT_PATH and place certificate into it.
425 *Fixed Security Issues*
429 *Known Security Issues*
433 *Known Vulnerabilities in Used Modules*
439 **Deprecation Notes**
447 :Release Date: 2020-06-29
451 - Added property to CertService Client to allow selection of output certificates type (One of: PEM, JKS, P12).
455 - Resolved issue where created PKCS12 certificates had jks extension.
465 *Fixed Security Issues*
469 *Known Security Issues*
473 *Known Vulnerabilities in Used Modules*
479 **Deprecation Notes**
492 :Release Date: 2020-05-22
496 The Frankfurt Release is the first release of the Certification Service.
501 - `AAF-1132 <https://jira.onap.org/browse/AAF-1132>`_ - CertService Client returns exit status 5 when TLS configuration fails
505 - PKCS12 certificates have jks extension
511 *Fixed Security Issues*
515 *Known Security Issues*
519 *Known Vulnerabilities in Used Modules*
525 **Deprecation Notes**
533 :Release Date: 2020-04-16
537 The Frankfurt Release is the first release of the Certification Service.
541 - No new fixes were implemented for this release
545 - `AAF-1132 <https://jira.onap.org/browse/AAF-1132>`_ - CertService Client returns exit status 5 when TLS configuration fails
547 - PKCS12 certificates have jks extension
553 *Fixed Security Issues*
557 *Known Security Issues*
561 *Known Vulnerabilities in Used Modules*
567 **Deprecation Notes**