Skip to content

Releases: Venafi/vcert

v5.1.0-rc1: Support for Firefly Issuer

22 Aug 18:53
@vfidevbot vfidevbot
v5.1.0-rc1
8ca51c5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.1.0-rc1: Support for Firefly Issuer Pre-release
Pre-release

NEW FEATURE: Support for Firefly Issuer

  • Added new feature that allows users to request certificates from the new Venafi Firefly platform.
  • Added support for OIDC authorization. Now is possible to request auth tokens from any server that supports OIDC
  • Added support for Venafi Firefly Issuer on Playbook

General Fixes

  • Fixed issue whereby vcert version is unknown when using vcert --help

VCert Playbook Fixes

  • Fixed issue whereby whencsr is set to local, vcert attempts to retrieve the key from the Venafi platform and failed. Private Key is already on client's side, so no need to request it from Platform
19cdd417d6fbc3e77d79a9493bd99d2cbbfd0b90  vcert_v5.1.0-rc1_darwin.zip
264b9fa9dae9186f6cd352be08f00743e573050f  vcert_v5.1.0-rc1_darwin_arm.zip
a09880dd2f71aa10d1c62010f760b2d670790331  vcert_v5.1.0-rc1_linux.zip
79f82cc7a496da7ba5543e95fe0265197bcce555  vcert_v5.1.0-rc1_linux86.zip
99edcf63550e899d63ae1491066e4a2682136ced  vcert_v5.1.0-rc1_linux_arm.zip
56b0749778be69cc283d6166f0be77f3cb66c253  vcert_v5.1.0-rc1_windows.zip
b21f530e6449ba39492f4d75e58bc16067bdeb51  vcert_v5.1.0-rc1_windows86.zip
Assets 9
Loading

v5.0.1: Bumped module version to v5

01 Aug 18:52
@vfidevbot vfidevbot
v5.0.1
b05b094
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.1: Bumped module version to v5

This release bumps the module version from github.com/Venafi/vcert/v4 to github.com/Venafi/vcert/v5 which was missed on previous release

460dd6070856069cd86959cabcd9cb3084be157a  vcert_v5.0.1_darwin.zip
a4fadc8618127ff2667bce5e4108458248e970e8  vcert_v5.0.1_darwin_arm.zip
66e9b4df24f6353b685cc94833fad7db16c5d6b3  vcert_v5.0.1_linux.zip
6d4698dd4b95b11d118d25be6639b3178042cf6d  vcert_v5.0.1_linux86.zip
b5cc1a6ec5fcdca05db94c176eb3ac86d3e258c1  vcert_v5.0.1_linux_arm.zip
f0632a9c701b4d4a7e75f691ae62270b3a7d6408  vcert_v5.0.1_windows.zip
1a6e0f79c3e8d2649734e77e272f851b14c0a3f3  vcert_v5.0.1_windows86.zip
Assets 9
Loading

v5.0.0: VCert Playbook

01 Aug 00:02
@vfidevbot vfidevbot
v5.0.0
7945ab8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0: VCert Playbook

NEW FEATURE: VCert Playbook

Added new feature that allows users to write a yaml file with all the configurations required to request/renew and install certificates. Thus providing a lot more flexibility when managing certificates.

  • Want multiple certificates in multiple locations? You can do it with the playbook feature!
  • Want certificates to be renewed after an specific threshold has been reached? You can define, days hours or relative percentage in the playbook!
  • Want specific scripts/actions to be performed after a certificate has been installed? The playbook feature has you covered!!
    For all the neat details please check this readme https://github.com/Venafi/vcert/blob/master/README-PLAYBOOK.md

The feature includes:

  • Configuration section to define platform to connect and credentials to use
  • CertificateTasks section to define how a given certificate is managed
  • CertificateTasks.Request section to define all the values of the CSR for the certificate
  • CertificateTasks.Installations section to define where the certificate is installed/saved
  • Certificate formats supported: PEM, JKS, PKCS12, CAPI for Windows
  • Venafi Platforms supported: TPP, VaaS

For all the neat details please check this readme https://github.com/Venafi/vcert/blob/master/README-PLAYBOOK.md

Other fixes and enhancements

VCert SDK:

  • Enabled TPP's reset endpoint with function ResetCertificate [GH-295] [GH-297]
  • Added ability to use TPP's Custom Logs API [GH-288]
  • Enabled creating ED25519 Certificate Key-Pairs in local mode for Venafi as a Service and also did some enhancement to renew a certificates for NewRequest function [GH-293]
  • Added ValidityDuration attribute to Request object for doing certificates issuance instead of (deprecated) ValidityHours. [GH-292]
  • Fixed bug for domain validation in Policy management feature [GH-284]
  • Fixed a bug that would happen when validating Location if providing a FriendlyName in TPP [GH-294]

VCert CLI:

  • Fixed bug in message when a bad API Key for VaaS is provided [GH-289]

VCert CLI and SDK:

  • Added ability to retire certificates using the retire command [GH-287]
5b24fb369b0cd82404e5b8a05913a14b99d13274  vcert_v5.0.0_darwin.zip
a33e6b42abae44c9a222a63a514bf7ac4c06f72b  vcert_v5.0.0_darwin_arm.zip
57f87d2aae295a8673c72fef6690c6889f42ddd1  vcert_v5.0.0_linux.zip
a641762c7240a47700882bda23a069b7c72ff85b  vcert_v5.0.0_linux86.zip
470bed259f7e087eaf7c21c607e77cb2348fbbef  vcert_v5.0.0_linux_arm.zip
e12b902b1c58fbbdf8a84b47f3a9f1af7d0d6b92  vcert_v5.0.0_windows.zip
d70914bd846c81c0a5f1cae11343fcd96d473ed9  vcert_v5.0.0_windows86.zip
Assets 9
Loading

v5.0.0-rc1

24 Jul 19:42
@vfidevbot vfidevbot
v5.0.0-rc1
d0c9831
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0-rc1 Pre-release
Pre-release 
84cb6a99384352f6a42d5c5279975bb7a76d09fb  vcert_v5.0.0-rc1_darwin.zip
fce373278a529db6a2999239bb9b1fc45755b08c  vcert_v5.0.0-rc1_darwin_arm.zip
7fd8d0c4481c8f3be1db0a6767af82fb82e718e2  vcert_v5.0.0-rc1_linux.zip
0b67146adb32d6d5daa440907015ae822931c0ec  vcert_v5.0.0-rc1_linux86.zip
594b8e7c73a157bce49cb589f22e9d4e7299df63  vcert_v5.0.0-rc1_linux_arm.zip
ecf41073089a27f7c9871d434f616e4394498f5c  vcert_v5.0.0-rc1_windows.zip
dfa41d9cb58efd29471671f96b4e77d3c4cbb1c9  vcert_v5.0.0-rc1_windows86.zip
Assets 9
Loading

Support for Linux ARM Binaries. Removes self-healing factor from VCert

10 Feb 18:16
@vfidevbot vfidevbot
v4.24.0
8d6c4fc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Support for Linux ARM Binaries. Removes self-healing factor from VCert
  • Added support for Linux ARM binaries.
  • As per issue #273, we are reverting the self healing factor for VCert in #274.
a97990b9feba545f2848bf2dd1e0cf69c0dabf96  vcert_v4.24.0_darwin.zip
482a447e4637525ce96919436b7fb32915fa7869  vcert_v4.24.0_darwin_arm.zip
18daa76ed4cfe0128334e7360bc4e3f65f004df7  vcert_v4.24.0_linux.zip
6b42d5dd743b282b5314252f389ce0b7be9a58d2  vcert_v4.24.0_linux86.zip
cdcd734ca925f92cff62915a4c17fed2e1b58e52  vcert_v4.24.0_linux_arm.zip
03815c0d99e02715b0f1a88fd9c1d287a9c67410  vcert_v4.24.0_windows.zip
21b928df16cf305d5cec4ac65abdc28275f3326f  vcert_v4.24.0_windows86.zip
Assets 9
Loading

Enhances VCert enrollment for TPP to have a self-healing factor and bug fixes

16 Dec 19:17
@vfidevbot vfidevbot
v4.23.0
240fe8f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Enhances VCert enrollment for TPP to have a self-healing factor and bug fixes
  • The VCert enroll workflow is now able to recover from the error message:
unable to retrieve: Unexpected status code on TPP Certificate Retrieval. Status: 500 Certificate [...] Fix any errors, and then click Retry.

This message appeared when enrollment of a certificate that had an old failed enrollment. This has been implemented by changing RetrieveCertificate to also reset the enrollment when a past failed enrollment is found.

  • Bug-fix: Adds missing values when getting policy specification from VaaS
  • Bug-fix: Allows empty CN/SANS in Cloud/VaaS certificate search
aa58cbbefa2b339e525bb23096c63e39a739e4f8  vcert_v4.23.0_darwin.zip
f141c5a0255df66085124dfa5253c38006584823  vcert_v4.23.0_darwin_arm.zip
bb1e4af8e817777647531ad6e724e01369fa5b72  vcert_v4.23.0_linux.zip
c86a4ba0ef7fdfb2aa6e98469f238e2883ea22a3  vcert_v4.23.0_linux86.zip
1195420cf6de51870439028aaa216f051e5e54b5  vcert_v4.23.0_windows.zip
8b557a57670dc1ab9063150a419a52841fd05e3c  vcert_v4.23.0_windows86.zip
Assets 8
Loading

Adds user identity for TPP connector and minor fixes

09 Sep 23:04
@vfidevbot vfidevbot
v4.22.1
b89f255
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Adds user identity for TPP connector and minor fixes

  • Fixed a bug that prevented to allow empty CN/SANS in Cloud/VaaS in searchCertificate connector method

  • Adds user identity and exposes RetrieveSystemVersion method in TPP connector. Also exposes ExpiredIn attribute OauthGetRefreshTokenResponse struct

3cacbb1d9afd581aa2525cd0dc1ee0d50f11f6ce  vcert_v4.22.1_darwin.zip
578384ae419d95e40940ab49f01dca8e5a117177  vcert_v4.22.1_darwin_arm.zip
bf2cd52345a8905f12bad68edde3236ed078bf65  vcert_v4.22.1_linux.zip
c16e1a66aa2458ec94c4fded7613402d3955e1ed  vcert_v4.22.1_linux86.zip
8437c96dace9482f316c4bcb63769e0ab2a2c25c  vcert_v4.22.1_windows.zip
133f60e43d71feeed78155d9b9bcb7620a3283a7  vcert_v4.22.1_windows86.zip
Assets 8
Loading

Added SDK Search valid certificate

31 Aug 01:17
@vfidevbot vfidevbot
v4.22.0
0890bb6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Added SDK Search valid certificate
  • Added an SDK function that enables searching for a valid certificate.
  • VCert's signatures for darwin and linux versions are now into the related zip files.
c78348c03561abb3cc141fe1cf8f636dfb01e1c2  vcert_v4.22.0_darwin.zip
6909f0b0e4f3ac3fe2def10358c2122314fab1b6  vcert_v4.22.0_darwin_arm.zip
d86113b8c047d69c90dcf312223fe30af2e876aa  vcert_v4.22.0_linux.zip
db9df9d5a04757239eace2a950792df8d9c59c81  vcert_v4.22.0_linux86.zip
11bf06d4e46ec0ccce6ec5078ce8dc5663b3aff8  vcert_v4.22.0_windows.zip
d1b82dcae95dc60e6fc2ab08abdd095bef95427f  vcert_v4.22.0_windows86.zip
Assets 8
Loading

Added ability to auto-create VaaS apps for headless registration, certificate re-enabling and bug fixes

03 Aug 21:15
@vfidevbot vfidevbot
v4.21.0
3efcf68
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Added ability to auto-create VaaS apps for headless registration, certificate re-enabling and bug fixes
  • Added ability to automatically create VaaS applications if they are for the Default issuing template. As such a new user would only need to invoke two actions to obtain a test certificate, getcred and enroll:
vcert getcred --email [email protected]
vcert enroll -k xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -z "Headless\Default" --cn test.venafi.example
  • Fixed a bug that prevented to renew a certificate using --format pkcs12.
  • Added reenable attribute for certificateRequest struct in order to enable certificates that are disabled.
  • Fixed handling of Organization Unit in structures that used it (as it was removed from Venafi as a Service) and error handling when creating applications (previously the output made it seem as though it was successful when it wasn't).

Starting from this version, VCert binaries are digitally signed

2b1277f3fcac0f13405522ea0e49fd750ca168b7  vcert_darwin.sig
41b1f12bf78b5c9e58639c879aa822ea4d9e8d4e  vcert_darwin_arm.sig
b0453ab21a5001f618c228e7894065632a57297e  vcert_linux.sig
9e387c2890d33bdce20c9533b0d773a467ffa934  vcert_linux86.sig
0b5329394f7d674a2b6694eac4ad58337806fd8c  vcert_v4.21.0_darwin.zip
0625e69148cfb820bd69abbd8ccd7d44ebaee8f2  vcert_v4.21.0_darwin_arm.zip
ac369898b7195b84aa2f08c1ceca8e9092fc1770  vcert_v4.21.0_linux.zip
d47f15e86fcb33b6e9c1054e4abb7ffdea0ec083  vcert_v4.21.0_linux86.zip
3f3896d414be59966d83698d155735eaccee08ce  vcert_v4.21.0_windows.zip
fcaef8988e014033eb198c9918f8c833ab4a017d  vcert_v4.21.0_windows86.zip
Assets 12
Loading

Headless Registration for Venafi as a Service

17 May 17:36
@vfidevbot vfidevbot
v4.20.1
e9e3c6a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Headless Registration for Venafi as a Service

Extended the getcred action to support headless registration new of Venafi as a Service users and API key rotation for existing users (if VaaS configuration allows).

For example, vcert getcred --email [email protected] would create a new VaaS company (if one didn't already exist), create a new zach.jackson user in the company (if one didn't already exist), and return an inactive API key. At approximately the same time, VaaS will send an activation email to the specified address with a link that, when clicked, activates the API key. If the user already exists in VaaS and an administrator has enabled "API key reset" for it, the command will also return an inactive API key that would replace the user's current API key upon clicking the activation link in the email that immediately follows.

919b7df3365080bfc619ad0292744b08a67ba5bc  vcert_v4.20.1_darwin.zip
ee6951542ef3eddd93ab8797ebca94d32f00f90a  vcert_v4.20.1_darwin_arm.zip
e904a34d779c474260adb83c227083cd2e520a5f  vcert_v4.20.1_linux.zip
c9a0909b303df8375ea6869aaf1def04f6aa35d4  vcert_v4.20.1_linux86.zip
fd3c0e9f95aaa143d595a7b52c66e4207df22e2f  vcert_v4.20.1_windows.zip
d446da25b6f1cca624c1f122e86317acb3005957  vcert_v4.20.1_windows86.zip
Assets 8
Loading