Detailed release information
5.6.0.31 / GUI 1.7.13
General
-
Added: Support for Microsoft Windows Server 2019.
-
Added: Support for Microsoft Windows Server 2016 Core.
-
Added: Support for Microsoft SQL Server 2017.
-
Added: Support and requirement of Microsoft .NET Framework 4.7.2.
-
Added: Support for Swedish Tax Agency Navet update January 2019.
-
Added: Support for YubiKey v5 PIV tokens.
-
Added: New token profile: IDEMIA AWP (IAS ECC 2.0.0).
-
Added: New token type: Other.
-
Added: Support for Inera PU-tjänst (RIV-TA service) version 3.1.
-
Added: Certificate & key recovery functionality [PROOF-OF-CONCEPT ONLY, not supported]
-
Updated: Database
-
Discontinued: Support for Windows Server 2008 R2 and SQL Server 2008 R2.
System
-
Added: PluginDeleteAllObjects (with ID 64) as new task action type property.
-
Added: Support for generating token key with any PIN-type.
-
Added: Support for Microsoft Enrollment Agent structure:
-
Possible to use Microsoft Certificate Authority with signature agent certificate as CMC requests.
-
-
Added: Support for Microsoft Windows Server 2019:
-
Microsoft Active Directory Domain Services 10.0 (17763).
-
Microsoft Internet Information Services 10.0 (17763).
-
Microsoft Certificate Authority 10.0 (17763).
-
-
Added: Tasks:
-
Support for computer/server searching against LDAP:
-
Added Task: CreateServerBind.
-
-
Support for certificate recovery structure:
-
Added Tasks: RecoverCertificate, RecoverCertificateToken and RecoverCertificateTokenSoft.
-
-
Task.Action.Execute<RevokeUserTokens>.
-
Possible to revoke all tokens for a user.
-
-
Task.Action.Execute<SendDeleteToPaperCut, 44>:
-
Possible to delete a user against PaperCut printer systems.
-
-
Task.Action.Execute<SendRevertToPaperCut, 43>:
-
Possible to revert a temporary contactless value to a user’s original/standard smart card against PaperCut printer systems.
-
-
Task.Action.Execute<SendToPaperCut>:
-
Possible to send card number and PIN for a user into PaperCut printer systems.
-
-
Task.Action.Execute<UpdateToken, 210>:
-
Possible to update static token information from task.
-
-
Task.Action.Prepare<GetTokenCertificates, 217>.
-
Task.ObjectDescription into log search list.
-
Task: UpdateOrganizationCertificate:
-
Possible to add multiple organization certificates for different kind of purposes (useful when mixing RSA and ECC).
-
-
-
Added: Verification of calling assembly when detecting external calls.
-
Enhanced performance:
-
parallell audit-log calls.
-
LogServer with enhanced performance against row id call.
-
-
Enhanced: Support for ECC (Elliptic Curve Cryptography) [PROOF-OF-CONCEPT ONLY, not supported]:
-
Support: NIST_P256, NIST_P384 and NIST_P521 for ECDSA and ECDH.
-
Support: Key derivation for certificates containing key agreement (useful for encryption).
-
Support: Sign/verify of data.
-
Support: Sign/verify of hash.
-
-
Enhanced: Support for Microsoft CNG (Cryptography Next Generation):
-
Native XML signature structure will now use CNG instead of CAPI.
-
-
Updated: Structures:
-
Certificate database table structure with indexed rows instead of GUID.
-
Code-letter reprint order structure:
-
Code-letter reprint orders against Gemalto will use a web service interface instead of FTP.
-
-
Derivation structure with verifying the encryption counter against session-ticket.
-
External server object structure.
-
LDAP-attribute filtering structure:
-
with returning items from DirectoryServices only, depending on configuration.
-
with using "OR" conditions for several values in same attribute.
-
-
Login structure:
-
Possible to configurate allowed key usage for login certificates.
-
-
Office structure:
-
Added: New task fields.
-
Added: New database tables and relations.
-
Discontinued: OfficeAddress object structure.
-
-
PaperCut structure with possibility to specify http/https from task-configuration.
-
Token order structure:
-
Check for office digest before creating office reference against token manufacturer.
-
Certificate template names will be included in order for personalized tokens.
-
-
-
Updated: Tasks:
-
Create-/Update Organization tasks:
-
Added: Mediation task name (will be used as C/O address when ordering objects against token manufactuerer for users with secrecy).
-
-
Create-/Update server tasks:
-
Added: Email and Phone input fields.
-
-
Create-/Update TokenTemplate tasks:
-
Updated: CertificateTemplateId input fields to non-required.
-
-
RevokeTokenCertificate and RevokeTokenCertificateDelete tasks:
-
Check for condition of additional info for CertificateTemplate/TokenKeyReference/ReadOnly when loading certificate list.
-
-
-
Updated: Configuration file (web.Config) with added secured tag for http-cookie.
-
Updated: CreateTokenBatch:
-
Added support for multiple unlock password types (explicit for the IDEMIA AWP card only).
-
-
Updated: Create-/Update CertificateAuthority:
-
Added: SignatureCertificateHash input fields.
-
-
Updated: Gemalto order interoperability module:
-
Support for code letter reprint orders.
-
Support for dynamic certificate template name list.
-
-
Updated: GemaltoOrderStatus:
-
Changed manufacturer production status condition of process from DELIVERED to WAIT FOR PIN for personalized token orders.
-
Extra error information (ErrorCode, ErrorText and ErrorDescription) saved into Task.State.Additional if present.
-
-
Updated: ICitizenService interface with mapping new flag ProtectedPopulation to user-flag 0x1 (secrecy).
-
Updated: LogServer with new API-calls.
-
Updated: Monitor, now possible to notify when server certificates is expiring.
-
Updated: Singleton instance declaration.
-
Updated: SynchronizeUser:
-
Updates: Synchronize userPrincipalName LDAP-attribute when call SynchronizeUser.
-
-
Updated: Task.Action.Execute<CreateUser>: Changed AdditionalIdentity-UPN flag to be searchable.
-
Updated: Task.Action.Execute<RevokeUserTokens> with possible to add status reason.
-
Updated: TraceServer with new API-calls.
-
Discontinued Gemalto integrations (replaced with new WebServices):
-
GemaltoCodeFetcher
-
GemaltoCodeLetterOrder
-
GemaltoProductionStatus
-
GemaltoTokenImporter
-
-
Discontinued: Trace operations through the API.
-
Discontinued: Verification of serialNumber field content when call Create-/UpdateUser.
Configuration
-
Added: Activity: PersonalInformation:
-
Possible to search for personal information of a user. Useful for GDPR demands.
-
-
Added: Locality, State and Country attributes into organization object.
-
Added: New privilege: DirectoryUserSearchPretermit.
-
Added: New token type: Other.
-
Possible to use the token type Other for non-PKI tokens.
-
Possible to order non-PKI tokens as chipless cards from card manufacturer.
-
Added: New token profile with Label: Other and Model: Other.
-
GUI
-
Angular bootstrap and jquery libs updated
-
Issues regarding Oberthur cards with two PUKs:
-
Changing PUK2 for Oberthur cards with two PUKs
-
Changing two PUKs and one SO-key caused two attempts to change SO-key for Oberhur cards.
-
Unlocking PINs for Oberthur cards with two PUKs.
-
-
Added config.js configurations:
-
Search and List definitions (What is shown when you search for an object)
-
Reading of Mifare number.
-
Parameter(s) "genericName-XXX". Used for to display dynamic information regarding the object.
-
"autoBindUser": true will cause the task createuserbind to be called when opening an external user.
-
default "ObjectDescription" for search type log. To change this behavior use the parameter "SearchDefinitions"
-
-
Possible to create a local server object via CreateUserBind
-
Made Mifare Config configurable per task with parameter object "MifareConfig"
-
Removed "back button" since it caused problems.
-
New text strings