- Added: fullchain certificate chain is maintained within intermediate authorities
- Added: fullchain added
p12cert files
- Refactored the whole codebase. Methods are splitted into multiple files
- Added: support for elliptic curves
- Added: support for smime certificates
- Added: support for intermediate certificate authorities
- Added: option to use resolved certificate common name as filename (pem,key,crt,csr,p12)
- Changed: cli commands for
caandopenvpninitialization have changed - Changed: default signature algorithm to sha384 (
openssl.conf)
- Bugfix: added
clientAuthto codesigning key usage - Bugfix: code-signing cert revocation pre-check failed
- Added: support for code-signing certificates
- Changed: removed plain-text output from certificate files
-notext - Bugfix: output directory name doesn't use the full common-name based on the configuration - only second name argument was used
- Added: support for host/node certificates (client+server extended usage)
- Bugfix:
subjectAltNamewas missing in server certs (required for self signed webserver auth) - new defaultDNS:<COMMON_NAME> - Bugfix:
CLIENT_COMMON_NAMEtemplate overrides other templates
- Bugfix: Allow whitespaces in certificate common-name
- Added: initialization for generic CAs (not openvpn related)
- Added: support for multiple servers
- Added: server certificate revocation
- Changed: License to MPL-2.0
- Changed: new Syntax is used
- Added: Server certificate is also converted into p12 format
- Removed Password prompt when creating a new client
- Changed: openssl min version to 1.0.0
- Initial Public Release