Release v0.9.3 of the Redwax Tool. Output certificate expiry as ICAL calendar or reminder entries. Allow ordering of certificates and keys to cater for Postfix order as opposed to Httpd order. Allow control over the verification date, and allow expired certificates to be verified.
Release v0.9.2 of the Redwax Tool. Add ability to read and write certificates as given users or groups. Output SSH public keys, and DER certificates..
Release v0.9.1 of the Redwax Tool. Simplify the default behaviour of filters on the command line.
First release v0.9.0 of the Redwax Tool. Download available here.
Redwax Tool is added, the universal certificate conversion tool. Convert PEM to PEM, PKCS12, PKCS11 or NSS. Working towards the first release.
Experimental module added, mod_cms_verify, which can be used as a read through POST handler that verifies if the inbound data for the POST is digitally signed (CMS/PKCS#7 or with a defacto industry JSON pacakge).
Experimental module added, mod_cms_sign, which allows for on the fly creation of a PKCS#7 or CMS signed package of the data.
Experimental module added, mod_sign, which supports unmanaged keys, as used in DNSSec, DMARC and for the Google/Apple GAEN keys. It has a very simple REST api -- see the README.
All modules updated - no major change.s
RedWax is now in MacPorts for Apple macOS 10.9 and newer -- see mod_ca, mod_crl, mod_ocsp, mod_csr, mod_pkcs12, mod_scep, mod_timestamp and so on.
Not quite ready for primetime; but with support for AJP becoming scarce, there has been a need to get information from an Apache httpd (such as the certificate used to authenticate) to a backend server (Tomcat, etc) in a secure way.
These two new modules: mod_auth_bearer and mod_autht_jwt can handle the authenticaiton on bearer tokens (as used in JWT and OAuth2) and the passing/populating of those in a proxy. Still work in progress; and it does depend on the newly fangled apr-util 1.7 its secure json, jose and crypto sypport.
Depending on how things work out - it will either become part of the normal apache-httpd mainline distributions - or continued separately at redwax.eu (to be continued...).
RedWax Interoperability testsite for CSR (Microsoft/RFC2986/PKCS10 style) now open for business.
NixOS packages for redwax updated to latest versions (that also makes all NixOS tests pass).
Two new modules:
-- making it easier to publish the chain/intermediate certificates automatically.
Interoperability test site available; with timestamping and SCEP. To facilitate cross industry testing and standards development.
Update to 0.2.3 for
(release notes) and
No security updates, minor improvements to autoconf, RPM improvements for Redhat, SUSE and europe oriented Mageia.
Update to 0.2.2 for
(release notes) and
No security updates, openssl workaround for missing APIs (0.9->1.x), minor improvements to autoconf, RPM improvements for Redhat, SUSE and europe oriented Mageia.
Update to 0.2.1 for all modules.