Skip to content

v2.4.7 - Secure certificate handling and backend auth token split

Choose a tag to compare

@fbezita fbezita released this 12 Jun 01:21

What's new
This release focuses on strengthening application security by isolating backend authentication tokens, loading certificates securely, and optimizing TLS certificate caching.

Secure certificate handling and build secrets

  • Removed the hardcoded Castla certificate password from the Android app and configured it to load from env/local build properties
  • Loaded CASTLA_CERT_TOKEN and CASTLA_RELAY_TOKEN from build-time secrets instead of embedding them in the app source code
  • Added a fail-fast mechanism to immediately halt execution when certificate or relay secrets are missing at runtime

Optimized certificate caching and verification

  • Cached downloaded TLS certificates and configured them to refresh only when missing, invalid, expired, or near expiry
  • Restricted proactive remote certificate refresh checks to once per day, maximizing the reuse of healthy local certificates
  • Added PKCS12 certificate expiry inspection and introduced dedicated unit tests for the refresh policy

Backend authentication separation

  • Split Castla backend authentication so that /api/castla/cert uses CASTLA_CERT_TOKEN and /api/castla/relay uses CASTLA_RELAY_TOKEN
  • Retained device IP lookup during certificate-token authentication and aligned backend configuration with the new token structure

Notes

  • This is a security and optimization release focusing on credential isolation and certificate caching logic
  • Please ensure that CASTLA_CERT_TOKEN and CASTLA_RELAY_TOKEN are properly configured in your build environment before deploying