Release Notes: Changes mostly involve updating support for LibPKI 0.8.5, which fixes HTTP performances issues.
Release Notes: This version includes updated support for LibPKI 0.8.0, several memory leak fixes, a fix for a configuration parsing error that was preventing the reloading of expired CRLs, optimized network packet managing when sending responses, a fix for using specific hash algorithms in the responder's signatures (SHA-1 is needed to support old Cisco devices), improved support for the GET HTTP method and startup error logging, and support for a new '-testmode' switch that sets the OCSP as a test responder where all signatures are invalidated by flipping the first bit in the signature.
Release Notes: This version updates default configuration files (default passin is set to none), adds enhanced support for ECDSA, and updates thread management with built-in support from LibPKI 0.6.3. The start/stop script, a memory error in config.c that caused a segfault on CRL reload, and an extra two bytes sent out after the DER encoding of the response is written, which was causing Firefox/Thunderbird not to validate the answer were fixed. An error in the return code check for PKI_NET_listen was also fixed, along with an error in config parsing when no bind address was provided.
Release Notes: Extensive support for hardware devices (PKCS#11 and OpenSSL Engine), multiple keypair and certificate support for response signatures, POST and GET support, and IPv6 support.
Release Notes: Thread support was added. HTTP header parsing was improved.
Release Notes: The requirement for the index file option in the configuration file has been removed (it was not used).
Release Notes: RPM installation fixes, a revised server architecture that was fixed to be used with HSM via OpenSSL's ENGINE interface, and support for downloading CRL/CA certificates via HTTP/LDAP.
Release Notes: This release fixes a SIGHUP problem when auto_crl_reload was enabled. There is a Solaris include for flock usage instead of semaphores. '--enable-flock' and '--enable-semaphores' have been added to the configure script.
Release Notes: A bug for nextUpdate and lastUpdate fields setting when reloading CRLs has been fixed. CA certificate loading from LDAP has been added. Support has been added for multiple CA certificates from the same cACertificate entry in LDAP. Solaris putenv issues in configure.c have been fixed. OS architecture specific targets have been added to makefiles.
Release Notes: The major changes in this release were a fix for a memory problem in the OCSP code when empty CRLs were loaded and a fixed response length when sending back the response (this prevented Firefox from correctly accepting responses).