v2.4.7 - Secure certificate handling and backend auth token split
What's new
This release focuses on strengthening application security by isolating backend authentication tokens, loading certificates securely, and optimizing TLS certificate caching.
Secure certificate handling and build secrets
- Removed the hardcoded Castla certificate password from the Android app and configured it to load from env/local build properties
- Loaded CASTLA_CERT_TOKEN and CASTLA_RELAY_TOKEN from build-time secrets instead of embedding them in the app source code
- Added a fail-fast mechanism to immediately halt execution when certificate or relay secrets are missing at runtime
Optimized certificate caching and verification
- Cached downloaded TLS certificates and configured them to refresh only when missing, invalid, expired, or near expiry
- Restricted proactive remote certificate refresh checks to once per day, maximizing the reuse of healthy local certificates
- Added PKCS12 certificate expiry inspection and introduced dedicated unit tests for the refresh policy
Backend authentication separation
- Split Castla backend authentication so that /api/castla/cert uses CASTLA_CERT_TOKEN and /api/castla/relay uses CASTLA_RELAY_TOKEN
- Retained device IP lookup during certificate-token authentication and aligned backend configuration with the new token structure
Notes
- This is a security and optimization release focusing on credential isolation and certificate caching logic
- Please ensure that CASTLA_CERT_TOKEN and CASTLA_RELAY_TOKEN are properly configured in your build environment before deploying