Skip to content
Compare
Choose a tag to compare

Transition private keys from PKCS#1 to PKCS#8

Latest
@vfidevbot vfidevbot released this
2cc08f3
Compare
Choose a tag to compare

PLEASE READ BEFORE UPGRADING TO THIS VERSION (OR HIGHER)

  • Private keys are now output in PKCS#8 format by default with --csr local and --csr service options.
  • --format legacy-pem was added so users can still get private keys in the deprecated PKCS#1 format for legacy applications.
  • Added prescriptive error message when certificates are requested from TPP using --csr service that the private key PBE (password-based encryption) algorithm policy needs to be set to either "SHA1 3DES" or "SHA256 AES256".
    ⚠️ This is a breaking change (upgrade issue) that was done in the interest of improved security
c8bae97dd0eacdc2175bca16bf8fbc2281d51da3  vcert_v4.17.0_darwin.zip
743d69d1240b61c81a05d15cee9afa4b3f96ffdf  vcert_v4.17.0_linux.zip
f281162664827830668fe1e507b25cbad2e2227f  vcert_v4.17.0_linux86.zip
c2317aa0cd5a71bf802df6e30aab4de3802203d1  vcert_v4.17.0_windows.zip
d0e0481c9dc39e1a52cd5f89a696f48bab94b6f1  vcert_v4.17.0_windows86.zip