Releases: Venafi/vault-pki-backend-venafi
Releases · Venafi/vault-pki-backend-venafi
Fixed a bug about storing private keys behavior and validation of certificate mismatch
- Fixed a bug in private key storage which would store keys encrypted within the Vault. By applying this fix they are now stored unencrypted and they are only encrypted during output if key_password attribute is provided during create and read operations.
- Added validation preventing to store and present mismatched key-pairs.
f27074dff9a8dd91ec1183ecdab88e7ae5413c6c4192bed382b664c815d33c07 venafi-pki-backend_v0.10.3_darwin.zip
e93313b72c3fe47d832b23029248e2b024048aa6215bbfd25e1655a10169bd89 venafi-pki-backend_v0.10.3_linux.zip
75a056ddbbe54444ae8116e759a14b47a9140066264fdf4e58ab35233b6277c4 venafi-pki-backend_v0.10.3_linux86.zip
321708afa754d385a6e141440c4fa8e7b6f1d5fc92a438ea4bdf015f8892d230 venafi-pki-backend_v0.10.3_windows.zip
051dbd53cdad061cafd6f83b901fdbd9f294f980e13af53fdd287baa70defdd0 venafi-pki-backend_v0.10.3_windows86.zip
Fixed issue with revocation while disabling secrets engine
- Added a validation of the operation being performed by vault while disabling the secrets engine so it wont try to revoke certificates issued by the secrets engine.
3ba11f4b17f66b892e567076bbc947f99bbf8dcf92a83da89bea83bf3dc2b855 venafi-pki-backend_v0.10.2_darwin.zip
4db3d2fc2bac658c0e064b31b7bad8c590f1396932a44784fc010582bc220ee7 venafi-pki-backend_v0.10.2_linux.zip
7d47e5476843b1a6aa146b74614f1ad685a712d3e88fbd845d376710be1cea0d venafi-pki-backend_v0.10.2_linux86.zip
92e8cda6c2bf3b7067447a5ff81836b5d95ef05491b1fc139839b315fc65bec7 venafi-pki-backend_v0.10.2_windows.zip
e78ce5184a42a439fe8c5ecf3aa6f6db02d7dc59e5b062ad6d58d9042aae36d1 venafi-pki-backend_v0.10.2_windows86.zip
Fix for a bug with the use of a synchronized block in pathVenafiCertObtain function
- The issue ocurred when an error was thrown by the pathVenafiCertObtain function, resulting in the lock not being released. With this fix the lock is being released correctly.
d2bc6d0364df4169f981a044d72c6dea59d8cab22ba4a87c8f5d3a36a62de144 venafi-pki-backend_v0.10.1_darwin.zip
1f0c00955756a4ab5135e1887b8181f792fc7520c3a70bed5d345018cec5b71d venafi-pki-backend_v0.10.1_linux.zip
153e521f493b357302ac0353ab2b12f483a845034d4750bc72d0774bc8662dea venafi-pki-backend_v0.10.1_linux86.zip
12394cc1a1c93f0b488ea86a0856af8ff356fbec92f0c448fac3658fd0ba6535 venafi-pki-backend_v0.10.1_windows.zip
31ecde5322180825ee44c4f74becd9fc91748aa40a1abb2a76197751103353aa venafi-pki-backend_v0.10.1_windows86.zip
Support Service Generation, Revocation, and PKCS#8 Private Keys
- Added support for service generated key/CSR (i.e.
service_generated_cert = true) - Added support for revocation with Trust Protection Platform
- Changed default private key format to PKCS#8
- Added
private_key_formatparameter for getting private key in legacy PKCS#1 format in parity with native Vault PKI - Minor bug fixes regarding the processing of multiple requests at the same time
d32ebb240d5b259c3e7f7c67d300a1e9d0e7e1144a30f039f67ffde0222290a2 venafi-pki-backend_v0.10.0_darwin.zip
9635bb541217c0a1b76b60e7a98c5dc32396501807d197dbaca08b62d66b7e5a venafi-pki-backend_v0.10.0_linux.zip
d106851c45ff8a867df73470a489df0f04a747b310d10db3cb40c7a2b4eef1da venafi-pki-backend_v0.10.0_linux86.zip
6196fb2b33ecd68249a0048b4a3206f8466ea6b626f338dcb9a49e666995b715 venafi-pki-backend_v0.10.0_windows.zip
466a21946a879ad0b779ef5a3c7d3b7bbd9404b076da6344b422de9c0d31aa18 venafi-pki-backend_v0.10.0_windows86.zip
Updated to the latest VCert client version
Updated to the latest VCert client version (v4.14.2) to address a timing issue that caused certificates requested from Venafi as a Service to fail sporadically.
8931bb0404ed3a77599f61e1cee50edef77b6c3e42825df48ae60b3e056adc67 venafi-pki-backend_v0.9.1_darwin.zip
13be8f85d011aab7814ef745df2ebd95caabfcb8c437a37f6de57fb601b2bdab venafi-pki-backend_v0.9.1_linux.zip
4ac626e2d99a007445ee481abe0738ae3677663805c86f6c3c668ac4051a74db venafi-pki-backend_v0.9.1_linux86.zip
c8770a4d6072de46af410ee2636f68a9eb864fcee613d361057810475183bd39 venafi-pki-backend_v0.9.1_windows.zip
eb1d10096b17191aa227f78d404e8397d25552288801e29e00f6cedb0ea748ab venafi-pki-backend_v0.9.1_windows86.zip
Updated Venafi Cloud integration to use OutagePREDICT
Updated Venafi Cloud integration to use OutagePREDICT instead of DevOpsACCELERATE, that is to use the Venafi Cloud Application Name and Issuing Template API Alias (e.g. "Business App\Enterprise CIT") for the value of the zone parameter.
WARNING: Do NOT upgrade to this version if you want to continue using Venafi Cloud DevOpsACCELERATE
d5c7a8885dfb0dfc43dda2d10ae1cab7cadece0bd3ba218f849b9fbf707339eb venafi-pki-backend_v0.9.0_darwin.zip
6e59ccd00bb8aaa21c8ab83367d9de1fe55fb1b74217f8ae99cd5577296debf0 venafi-pki-backend_v0.9.0_linux.zip
8fe945af19090a0aed0d89e607a0ac8cac207b118f5339a08e0153a5c0ad2eea venafi-pki-backend_v0.9.0_linux86.zip
ac828eadfd19a15db121efaba886774fc1f5ae44780417c23c98337b05b4f301 venafi-pki-backend_v0.9.0_windows.zip
2889e1a60087b5fd20041cc120f6b51249358199c8a58012edb75cf93a17ee94 venafi-pki-backend_v0.9.0_windows86.zip
Fix for OS trust store being ignored for Venafi API connections
- Resolved issue that unintentionally required
trust_bundle_fileto be specified for Venafi API services secured by certificates issued by non-publicly trusted CAs (i.e. it was not sufficient to add the trust anchor to the OS trust store). 🐛#79 - Added text file containing SHA256 hash to release assets (zip archives); the hash is specified when adding the plugin to the Vault catalog and is currently the only way HashiCorp provides to differentiate plugin versions
- Discontinued darwin 386 (32-bit macOS) releases since support was dropped in Go 1.15 and Vault 1.6.0
d9e5b413b999c50effba98f2f968261fe7dd8c6c2290c2695e595e94086a73ed venafi-pki-backend_v0.8.3_darwin.zip
a10925fde9358a22d4bc9ac83dcecbdcf9976fe7ee4c4a017c5f32c0c283f2d8 venafi-pki-backend_v0.8.3_linux.zip
98f43915aca90a14cc79dfa301179e597056218534da9270478909f17e692d09 venafi-pki-backend_v0.8.3_linux86.zip
ddd764c4b590c6c7091ebb3d4825d6868d1af43ece07a2af7406792ace6d2367 venafi-pki-backend_v0.8.3_windows.zip
60f8a23bc2a0e4869e45a98bb41e0c10166d69e13854c039af62af285e9032b3 venafi-pki-backend_v0.8.3_windows86.zip
Optimized TPP Token usage and matched native Vault PKI output
- Updated so the only credential required to initialize with Trust Protection Platform is
refresh_token✨#74 - Added
ca_chain,issuing_ca, andexpirationto/issueand/signoutput to enable seamless integration with native Vault consumers like Jetstack cert-manager and HashiCorp Terraform Provider for Vault 🐛#75
a2bd0dc54b83d15d79f8331f296281337f576524d7f4291ea51ce0ca9f2fbe3a venafi-pki-backend_v0.8.2+1073_darwin.zip
691b87e6ace3c52d72582a4fb89bef20a419b974bd65a3cc9b8198107119c50a venafi-pki-backend_v0.8.2+1073_darwin86.zip
29238252550c2074321f079a3647fd6b0fd64881a7428f9fcf9b6e3a6bbb6a16 venafi-pki-backend_v0.8.2+1073_linux.zip
2d55109297e61c059aeaaa83fc33f2499d9dd8cb5df04ad053be1fbc86ed82fd venafi-pki-backend_v0.8.2+1073_linux86.zip
c8e8b7404af774a2376f9706f9b310f10af6d1df585ee5f758fd13d7507b5e68 venafi-pki-backend_v0.8.2+1073_windows.zip
1726943661dbe8573c3258104c9197704aa62d8d4af0a959eb868d722197d71b venafi-pki-backend_v0.8.2+1073_windows86.zip
New Role Parameter
- Added
zoneparameter to PKI role to enable multiple zones to be used with the same Venafi secret and avoid issues when Trust Protection Platform token is refreshed
110b71aebdb3db1c8f5b33fa17dd668a0c02b30e77bd0f90e23083630566963e venafi-pki-backend_v0.8.1+1033_darwin.zip
0e4e3dffcfc79e60ae33aef175f76af02b3024d1469d7099b0a82246d21f264f venafi-pki-backend_v0.8.1+1033_darwin86.zip
1dd34d61fbc2b3af9a81bb8e2c8f14d106855955701cbdf4ed853b3599ac64aa venafi-pki-backend_v0.8.1+1033_linux.zip
10ad05ad230b612a7483ef311fdc8cd15c0fbeee9561cdf0fe93406be6dcac85 venafi-pki-backend_v0.8.1+1033_linux86.zip
8cb30a9a88dbf5161f40e6689e72152da7bc3046da4e5357a2b81bf60359c89c venafi-pki-backend_v0.8.1+1033_windows.zip
b716ef1e16d9c467a7913819a09a06eb81d54cf9e033f8442727f804c899192c venafi-pki-backend_v0.8.1+1033_windows86.zip
Flexible Validity Period and TPP Custom Fields
- Enable
ttlparameter for specifying validity period when requesting a certificate using the/issueand/signendpoints - Added support for setting Custom Fields when requesting certificates (Trust Protection Platform only)
e22a3b1eed2755602fdb7229d19038a7104844bd396e62944642cdd2b83ea5fe venafi-pki-backend_v0.8.0+1018_darwin.zip
81d9c815e9f755a0c2e9fd09eedecb4b886276269d8096951169efcc8d0ff6b5 venafi-pki-backend_v0.8.0+1018_darwin86.zip
e0581ec3e97639c1c15074a3c0a4c0ae7098851f99d2ef65bcaf61ea3a2a975a venafi-pki-backend_v0.8.0+1018_linux.zip
db81dd1c173f4f012138a2d1c1e4d103a82d77bd08e534672baaaa82d361209e venafi-pki-backend_v0.8.0+1018_linux86.zip
376bc67e462a765d2e9c05d2789821fdd54f874d5e43646ac4a0e6ef675a7068 venafi-pki-backend_v0.8.0+1018_windows.zip
6371ae7b9bb0789b4ced7c7f99406ce5df4e1b47465cc86dc7e5ed937bcc649f venafi-pki-backend_v0.8.0+1018_windows86.zip