Skip to content

Bump sslcontext-kickstart-for-pem from 7.4.11 to 8.3.6

Bumps sslcontext-kickstart-for-pem from 7.4.11 to 8.3.6.

Changelog

Sourced from sslcontext-kickstart-for-pem's changelog.

v8.3.6

  • Bumped dependencies
  • Enhanced logging within LoggingX509ExtendedTrustManager
  • Exposed JDK (aka cacert) keystore and System property derived keystore in KeyStoreUtils

v8.3.5

  • Removed verbose debug logging for CertificateUtils
  • Added getters for hostname and port for TrustManagerParameters
  • Simplify usage of Security Provider
  • Bumped dependencies

v8.3.4

  • Bumped dependencies
  • Bug-fix added support for reloading ciphers in SSLEngine, SSLSocketFactory and SSLServerSocketFactory

v8.3.3

  • Added reloadable ciphers
  • Bumped dependencies

v8.3.2

  • Added custom security provider
  • Bumped dependencies
  • Bug-fix remove invalid characters when generating certificate alias
  • Bug-fix handle timout exception correctly on java 8 when extracting certificates

v8.3.1

  • Bumped dependencies
  • Added system name to the system trust manager
  • Bug-fix clear certificate collector after each fetch
  • Bug-fix resolve empty collector for certificate extracting client when disabling resolving root ca
  • Added timeout to certificate extracting client
  • Applied sonar recommendations

v8.3.0

  • Bumped dependencies
  • Added option to extract public key from private key
  • Added option to disable resolving root ca when extracting server certificates
  • Added options to exclude ciphers and protocols in the SSLFactory
  • Bug-fix allow adding new certificates in a nested TrustManager
  • Simplified adding certificates to TrustManager
  • Simplified swapping TrustManagers
  • Added JdkX509ExtendedTrustManager wrapper for JDK trusted CA's from cacerts
  • Added SystemX509ExtendedTrustManager wrapper for OS trusted CA's

v8.2.0

  • Added option to conceal trusted certificate names for a server
  • Bumped dependencies

v8.1.7

  • Resolved CVE-2023-33201 LDAP injection vulnerability caused by transitive dependency of Bouncy Castle in the library of sslcontext-kickstart-for-pem
  • Bumped dependencies
  • Filter out duplicate extracted certificates
  • Add appending capabilities to an existing keystore
  • Added option to extract port from uri

v8.1.6

  • Bug-fix Resolved antivirus alert by removing shell script layer from Mac OS X command to fetch system trusted Certificate Authorities
  • Bug-fix Resolved antivirus alert by excluding ~/Library/Keychains/login.keychain-db keychain file from MacCertificateUtils

... (truncated)

Commits
  • c4497e7 [maven-release-plugin] prepare release v8.3.6
  • 296514f Updated docs
  • f79b2dc Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0
  • a72d2c4 Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0
  • 74c16ac Bump org.sonatype.plugins:nexus-staging-maven-plugin
  • f2ae908 Bump version.byte-buddy from 1.14.16 to 1.14.17
  • f9cdbcd Added additional public api's to the documentation
  • eab4dca Removed printing java version
  • d86e009 Added maxxedev as contributor
  • 1f62d58 Fixed typo
  • Additional commits viewable in compare view


Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • $dependabot rebase will rebase this MR
  • $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports

Loading