Softpedia >Mac >Security >XCA >  Changelog

XCA Changelog

What's new in XCA 2.2.1

Jan 31, 2020
  • Close #159 Opening existing database

New in XCA 2.2.0 (Jan 30, 2020)

  • Switch to MSI installer
  • Close #129 Unattended Installation
  • Rename HTTPS templates to TLS and support KU/EKU extensions needed by OpenVPN
  • Close #93 Default output folder / Improve Portable App usability
  • Improve EC Curve selection for key generation.
  • Close #21 Support for ODBC (MSSQL)
  • Close #136 Provide 64bit version of xca
  • Close #156 secp256k1, secp256r1 and NIST-P256
  • Transfer Key Usage and Extended Key Usage critical flags
  • Improve item loading. Inspired by #153
  • Add japanese translation
  • Close #138: Portable Version does not remember paths
  • Close #83: Token selection should not insist on name or serial of the token
  • Close #95: Copy mysql and psql windows dll files into portable app
  • Close #144: Database export has issues with wildcards in internal names
  • Close #143: Hotkey for import
  • Close #140: Certificate renewal with option to preserved serial number
  • Fix possible XCA crash
  • Add Dutch translation
  • Add Chinese translation
  • Add Italian language
  • CLose #120: Mark signed a request doesn't work
  • Close #119: Rename "PostgreSQL 6 and 7" to just "PostgreSQL"
  • Close #116: Duplicate extensions erroneously shown
  • Close #114: SAN - IPv6 address input not working
  • Close #68 Generating large DH params freezes UI
  • Support concurrent database access.
  • Close #91: Change order of "PKCS#11 provider"
  • Extend PEM files by human readable information about the item
  • Support ecdsa SSH public keys
  • Close #98 Add comment at import/export RSA keys from/to SSH public key
  • Close #101: Finish Rename with Enter shows Property Dialog
  • Close #104: Also show sha256 digests of public keys
  • Close #82: Renew CA ROOT Cert
  • Verify imported keys thoroughly

New in XCA 2.1.2 (Jan 30, 2020)

  • Close #40 macOS: Crash after xca v2.0.1 quit
  • Close #37: XCA 2: EVP_DecryptFinal_ex:bad decrypt
  • Close #74: Exiting XCA 2.1.1 corrupts database
  • Make PKCS11 libs, working dir and main-window size host-dependent
  • Support for XCA as portable App
  • Close #69 Library not loaded: @rpath/ contains local directory
  • Close #60: Fix MacOSX 2.1.1 binary
  • Add new maintained languages: Polish, Spanish, Portuguese

New in XCA 2.1.1 (Jan 30, 2020)

  • Allow manual override of the CSR signed flag
  • Close #56: Duplicate Serials after Upgrade 2.1.0
  • Close #57: SAN IP not working in 2.1.0
  • Close #55: Calculate "CSR signed" information from legacy database
  • Close #55: Add Certificate counter column for CSR
  • Fix slovak translation
  • Close #50: Hang while importing 1.4.1 database into 2.1.0

New in XCA 2.1.0 (Jul 26, 2018)

  • Close #48: The SKI tickbox isn't generating an SKI extension for CSRs
  • Fix translation of dates
  • Add private key icon to the key name
  • Inspired by #42: display dates relative (seconds ago, yesterday, ...) while column ordering is still strict by age. The ToolTip shows date and time.
  • Related to #39: Dynamically adjust explicit DN entries
  • Close #39: Subject entries shuffled
  • Close #36: Support adding CN to X509v3 SAN automatically
  • Close #35: Configurable size of serial number.
  • Close #34: Improve Mac OSX installation
  • Close #27: Configurable certificate expiry warning threshold
  • Generate calender (.ics) files for certificate and CRL expiries

New in XCA 2.0.0 (Apr 30, 2018)

  • Open database before starting a transaction
  • Fix default hash during startup
  • Fix Importing PKCS#12 and PKCS#7 files
  • Improve automatic setting of the certificate internal name
  • Don't use remote DB descriptor as local database filename proposal
  • Usability: Preset remote database input values with previous ones
  • Add another missing windows postgres library
  • Accept drivers that don't support transactions
  • Install MySQL and PostgreSQL drivers on windows
  • Closes #10: Warn if certificate without any extension is created
  • Add table prefix to be prepended to each table for remote SQL DB
  • Update translations
  • Fix installation of sql plugins in the Windows installer
  • Fix opening, importing and dropping databases
  • Fix crash during PKCS#12 export
  • Update HTTPS_server template and add example SAN
  • Acceppt empty password for private key decryption
  • Fix legacy database-without-password import
  • Close GitHub Bug #5: Exporting a private key results in too-permissive permissions
  • Close GitHub Bug #4: Workaround QT bug of editing in QDateTimeEdit
  • Fix display of dates in the Certificate details (local time displayed a GMT)
  • The internal name is not neccessarily unique anymore and can be edited in the details dialog as well as the comment.
  • CSR signing is now statically stored in the database and the comment of the issued certificate.
  • Private keys in the database are PKCS#8 encrypted and can be exported and decrypted without XCA.
  • No more incrementing serials. Only unique random serial numbers.
  • "xca_db_stat" application removed. Use the SQLite3 browser "sqlitebrowser".
  • "xca extract" functionality removed. SQL views may be used instead.
  • Each item may be commented. XCA itself comments important events in the item.
  • Each item knows its time and origin of appearance.
  • Change database format to SQL(ite) and support MySQL and PostgreSQL.

New in XCA 1.4.0 (Feb 27, 2018)

  • Update OpenSSL version for MacOSX and W32 to 1.1.0g
  • Change default hash to SHA-256 and add a warning if the default hash algorithm is SHA1 or less
  • Switch to Qt5 for Windows build and installation
  • Do not apply the default template when creating a similar cert
  • Close SF #120 Crash when importing CA certificate
  • Close SF #116 db_x509.cpp:521: Mismatching allocation and deallocation
  • Add support for OpenSSL 1.1 (by Patrick Monnerat)
  • Support generating an OpenSSL "index.txt" (by Adam Dawidowski)
  • Thales nCipher key generation changes for EC and DSA keys
  • Add Slovak translation

New in XCA 1.3.1 (Aug 21, 2015)

  • Fix endless loop while searching for a signer of a CRL (XCA does not respond)

New in XCA 1.3.0 (Aug 16, 2015)

  • Update to OpenSSL 1.0.2d for Windows and MAC
  • SF Bug #105 1.2.0 OS X Retina Display Support
  • Digitaly sign Windows and MAC binaries with a valid certificate
  • Refactor the context menu. Exporting many selected items to the clipboard or a PEM file now works. Certificate renewal and revocation may now be performed on a batch of certificates.
  • Feat. Reg. #83 Option to revoke old certificate when renewing
  • Refactor revocation handling. All revocation information is stored with the CA and may be modified. Revoked certificates may now be deleted from the database
  • Support nameConstraints, policyMappings, InhibitAnyPolicy, PolicyConstraint and (OSCP)noCheck when transforming certificates to templates or OpenSSL configs
  • Fix SF Bug #104 Export to template introduces spaces
  • Add option for disabling legacy Netscape extensions
  • Support exporting SSH2 public key to the clipboard
  • SF Bug #102 Weak entropy source used for key generation: Use /dev/random, mouse/kbd entropy, token RNG
  • SF Feat. Req. #80 Create new certificate, based on existing certificate, same for requests
  • Add Cert/Req Column for Signature Algorithm
  • SF Feat. Req. #81 Show key size in New Certificate dialog
  • Distinguish export from transform:
  • Export writes to an external file
  • Transform generates another XCA item

New in XCA 1.1.0 (Nov 24, 2014)

  • SF Bug #79 Template export from WinXP cannot be imported in Linux and Mac OS X
  • Support for Brainpool windows and MacOSX binaries
  • SF Feat. Req. #70 ability to search certificates
  • SF Feat. Req. #75 show SHA-256 digest
  • RedHat Bug #1164340 - segfault when viewing a RHEL entitlement certificate
  • Database hardening
  • Delete invalid items (on demand)
  • Be more tolerant against database errors
  • Gracefully handle and repair corrupt databases
  • Add "xca_db_stat(.exe)" binary to all installations
  • Translation updates
  • Optionally allow hash algos not supported by the token
  • Select whether to translate established x509 terms
  • Finish Token EC and DSA support - generate, import, export, sign
  • SF Feat. Req. #57 More options for Distinguished Name
  • Switch to autoconf for the configure script
  • SF Feature Req. #76 Export private keys to clipboard
  • EC Keys: show Curve name in table
  • Support EC key generation on PKCS#11 token
  • PKCS#11: Make EC and RSA signatures work
  • PKCS#11: Fix reading EC keys from card
  • SF Bug #82 Certificate Creation out of Spec
  • SF Bug #95 XCA 1.0 only runs in French on a UK English Mac

New in XCA 1.0 (Oct 24, 2014)

  • SF Bug #89 Validating CRL distribution point results in error
  • SF Feature Req. #69 Create "Recent databases..." file menu item
  • SF Bug #75 authorityInfoAccess set error
  • SF Bug #88 Minor spelling error
  • SF Bug #87 Unable to set default key length The Key generation dialog now allows to remember the current settings
  • Do not interpret HTML tags in message boxes
  • Overwite extensions from the PKCS#10 request by local extensions
  • This avoids duplication errors and allows to overwrite some extensions from the request
  • SF Bug #78 replace path separators in export filenames
  • SF Feature Req. #71 Add KDC Authentication OIDs to default files
  • SF Bug #82 Certificate Creation out of Spec
  • Add Croatian translation
  • SF Bug #83 Inappropriate gcc argument order in configure script

New in XCA 0.9.1 (Nov 8, 2011)

  • Close bug [ 3372449 ] All numeric names cannot be used
  • add search functionality for PKCS#11 libraries
  • fix ASN.1 encoding of PKCS#10 request
  • Close bug [ 3318203 ] Build failure with GNU gold linker
  • Add x509v3 extensions to the list of selectable columns
  • Close bug [ 3314262 ] Incorrect "Path length" template parameter handling
  • Close bug [ 3314263 ] Unrevoking a certificate does not make it "Trusted"
  • Feature Request [3286442] Make success/import messges optional
  • improve Password entry
  • Improve SPKAC import
  • add french translation by Patrick Monnerat
  • Export requests or certificates as openssl config file
  • Support building with EC disabled
  • Close bug [3091576] Private key export is always PKCS#8 encoded
  • Feature Request [3058196] Autoload database
  • Feature Request [3058195] Export directly to the clipboard
  • Close bug [3062711] Additional OIDs
  • Close bug [3062708] Invalid user configuration file path name
  • Fix PKCS#11 library handling

New in XCA 0.8.1 (Mar 8, 2010)

  • Fix string conversion from QString to ASN1.

New in XCA 0.7.0 (Nov 12, 2009)

  • support modifying the CSR subject during signing
  • update key images
  • fix date settings in Certificate renewal dialog
  • fix certificate request verification
  • check for duplicate x509 v3 extensions Bug [ 1881482 ] and [ 1998815 ]
  • make sha1 the default hash to avoid problems with other software Bug [ 1751397 ]
  • add validation button to see all extensions before creating the cert
  • change the hashing for the default password. this makes it incompatible to older versions
  • Major changes for MAC OS X
  • extend template format for nconf settings
  • add nconf input field for arbitrary OpenSSL extensions and a "validate" button to check the settings before applying
  • fix xca.desktop Bug [ 1837956 ]
  • fix item-export error handling
  • add PEM paste import feature
  • extend PEM import to import all items from a PEM file