TCS

Sectigo Certificate Manager 24.3

Sectigo nos envía los próximos cambios en la versión SCM 24.3:

Scheduled Maintenance: Sectigo Certificate Manager (SCM) 24.3 Release will be deployed Saturday April 6th, 2024 at 11:00 UTC until 17:00 UTC

Planned Start: April 6, 2024 11:00AM UTC
Expected End: April 6, 2024 5:00PM UTC

Affected Infrastructure

Components: Certificate Lifecycle Management Platforms
Locations: SCM (cert-manager.com), SCM (hard.cert-manager.com), SCM (eu.cert-manager.com)

Details:

The SCM 24.1 release includes the following enhancements and fixes:

  • Sectigo Certificate Manager is switching to a new asynchronous reporting architecture to allow reuse of previous report configurations, scheduling of reports and delivery of reports via email. (SCM-8080)
  • The Admin REST API is now exposed on a new URL (API endpoint) that supports OAuth2 Client Credential Flow for authentication. The existing URL continues to use the legacy authentication methods, such as username/password or certificate authentication. The API resources available are identical for the two endpoints. (SCM-9296)
  • A new REST API endpoint is now available to access a customer’s audits. The endpoint uses OAuth2 Client Credential Flow for authentication. The REST API will be used by upcoming integrations to external SIEM solutions. (SCM-9177)
  • Enrolling for a SSL certificate with the Private Key agent now includes any requested SANs in the generated CSR, so enrolling backends other than Sectigo will include them in the issued certificate. (SCM-7514)
  • Improved audits for organization edits. (SCM-9298)
  • Add/Edit Server dialog for Network Agent has been improved to remove unneeded controls and better describe the fields. (SCM-9416)
  • Support for Network Agent 4.0. (SCM-9417)
  • A Private Key agent download link created via REST API by an API admin would fail with a 400 Bad Request status code. (SCM-9521)
  • Importing a person’s private key to the Sectigo Key Vault could fail if no client certificate profile was available. (SCM-6878)
  • Allow auto install for F5 Big IP server to target port 0. (SCM-9110/SCM-9164)
  • Some customers with large numbers of device certificates might encounter an empty Device Certificates card on the dashboard. (SCM-9172)
  • Daily DCV Expiration notification may be sent erroneously after the domain's DCV has been redone. (SCM-9219)
  • Downloading a CSV from the Device Certificate table would fail if some certificates had no CN. (SCM-9536)
  • Enrolling SSL Certificate with Private Key agent via REST API would not store the included passphrase. (SCM-9453)