Version History

Version 2.3

Support for certificate revocation and Certificate Revocation List (CRL) issuing
Support for processing extension requests in Certificate Signing Request files
The CA certificate can be exported in PEM format or to a directory
PEM formatted identity files can optionally also include a copy of the certificate
Certificate validity can now include a fraction of a day
Improved performance for handling large numbers of users and certificates
Improved support for integration with an LDAP directory
Minor bug fixes and other improvements

Integration with third party calendar applications for managing certificate expiry dates
Improved support for working with multiple CAs, including easy switching between CAs
Certificate details dialog includes new "Advanced" tab with detailed certificate information
Support for Linux and similar platforms
Improved compatibility for Certificate Signing Request (CSR) file processing
Certificate validity can be set to 0 days (useful for generating test certificates)
Support for all ISO-3166-1 country names in certificates
Minor UI improvements and bug fixes

User details can be imported individually or in batch from LDIF and vCard files
User identity files (PKCS#12 and PEM) can be imported
Certificates can be dragged and dropped between the certificate table and file system
Certificate table allows multiple row selection for certificate viewing, export, deleting, etc.
New help information on using certificates in applications
Minor UI improvements
Fixed bug where non-numeric certificate validity causes freeze when issuing a new certificate
Fixed bug where directory publishing causes freeze if an active user exists with no certificates
Fixed toolbar UI bug on Windows with Java 1.6.0_02 or 1.6.0_03
Supports OS-X 10.5 (Leopard)

User identity files can be automatically and securely backed up, for future recovery
Certificates can be published to an LDAP directory, such as for use by mail clients
Certificate Signing Request (CSR) files from other applications can be processed
Server certificates can now identify an IP address as an alternative to domain name
Improved sorting behaviour when selecting Days to Expiry column in the users table
Many UI improvements
Minor bug fixes

CA certificate details can be viewed
Randomly generated passwords can be displayed in the confirmation dialog
A copy of subordinate CA identity files can be retained for working with CA hierarchies
Export format can be specified when exporting single certificate entries
Certificate details dialog now contains fingerprint field
Country setting is now an optional field, like email and organisation
The user name can now be left blank, in which case new certificates will not include a commonName
Publishing behaviour changed so that the most recently issued valid certificate from a user is the preferred certificate, instead of the last expiring certificate
Fixed bug where default country setting was not being applied properly
Fixed UI bug where the user table was not updated when the user's name is cleared
General code cleanup and improvements

General Purpose certificates (for secure email, document signing, VPN and/or client SSL use)
SSL server certificates
RSA 1024/2048/4096 key lengths, SHA-1/256/384/512 digest algorithms
PKCS#12/DER and PEM-encoding (with and without password) file formats
Supports random password generation for new identity files
Can be used to generate self-signed certificates, or multi-CA hierarchies
Includes detailed help pages