Software-update: Certify SSL Manager 5.1.4

Let's Encrypt is een initiatief om zoveel mogelijk sites https-ondersteuning te geven door gratis ssl-certificaten te verstrekken en de implementatie makkelijker te maken. De meeste tools hiervoor zijn echter alleen beschikbaar vanaf de commandline. Certify SSL Manager biedt een grafische interface voor het aanvragen en beheren van deze certificaten op Windows Servers met IIS. De ontwikkelaars hebben versie 5.1.4 uitgebracht en sinds versie 4.1.8 zijn de volgende veranderingen en verbeteringen aangebracht:

Certify SSL Manager 5.1.4

Fixes:

• ADFS deployment task fix/update
• Fix option checkbox handling for various deployment task.
• Catch exception if ACME registration timeout occurs

Certify SSL Manager 5.1.3

Fixes:

• Powershell scripting logon type for local user should use . if no domain specified.
• Fix PFX password choice display under Certificate > Advanced (if enabled), export/conversion of password protected PFX in deployment tasks

Certify SSL Manager 5.1.2

Fixes:

• SimpleDNS provider updates and fixes
• Startup exception when no existing items present

Certify SSL Manager 5.1.1

Fixes:

• Fix issue using SimpleDNS API

Certify SSL Manager 5.1.0

Features:

• Custom CSR (useful for SAP Netweaver and many other servers) and Custom Private Key support
• RFC2136 DNS validation support via Posh-ACME and nsupdate
• New Hashicorp Vault deployment task.
• New Settings UI, including options to Enable/Disable preview features
• (Preview): Specify custom PFX password (stored credential)
• (Preview): Custom CA Editor
• (Preview): Import and Export Migration Tool - prepares a bundle of settings and files for deployment to another server, or for backups.

Enhancements:

• DNS plugins are now dynamically loaded, allowing custom plugins (contributed by https://github.com/TwelveBaud)
• CSV import now accepts 'auto' site id for auto deployment
• New Tasks tab (previously under Deployment) to highlight Tasks feature
• SSH/SFTP tasks now accept hostname:port to allow for custom ports.
• Licensed installs can now deactivated from the UI (for decommissioning or license key changes).

Fixes:

• Changes to authentication for network file copying tasks and Powershell to aid with domain/network authenticated tasks.
• Certificate export updates and fixes
• Misc fixes and refinements

Certify SSL Manager 5.0.12

Fixes:

• Improve integration of Posh-ACME DNS providers (fix Google Cloud etc)

Certify SSL Manager 5.0.11

Fixes:

• The advanced Re-fetch certificate feature should only be used if you have an existing cert order with the ACME CA
• Settings save should not produce an error if no CA is currently selected
• Default theme should still be light
• (Dark mode) checkboxes not showing in domains list
• if previous session used dual monitors, don't place the UI offscreen on resume with single monitor.
• Add additional logging for permissions issues on service startup

Certify SSL Manager 5.0.10

Fixes:

• Fix startup exception when parsing invalid trusted root certificates from local store.

Certify SSL Manager 5.0.9

Features:

• Add powershell version detection to app diagnostics (PowerShell v5 or higher is required for scripting and certain deployment task functionality)
• UI styling updates
• Update cert revoke UI
• Revised acme-dns workflow

Certify SSL Manager 5.0.8

Features:

• Deploy certificate to Azure Key Vault
• Infoblox DNS provider via Posh-ACME

Fixes:

• Manual DNS requests should pause and be manually resumed.
• EasyDNS (Posh-ACME) parameter fixes
• Service Manager deployment task bug fixes
• Upgrades from very old versions should only use background service for renewals

Certify SSL Manager 5.0.7

Features:

• Cert Friendly name now included in results object for PowerShell scripting

Fixes:

• Improved Ssh/Sftp handling in Deployment Tasks, Service Manager fixes and improvements
• Deferred (manual) deployment tasks properly skipped during normal requests/renewals

Certify SSL Manager 5.0.6

Features:

• New Service manager deployment task (restart, stop or start a service)

Fixes:

• Script task run as local service duplication removed, misc UI fixes

Certify SSL Manager 5.0.5

Features:

• improvements for challenge validation with non-Let's Encrypt CAs (e.g. small-step ACME)
• Add basic support for viewing certs from external cert managers (win-acme and Posh-ACME)

Fixes:

• UI Updates, Binding Deployment exception & misc fixes

Certify SSL Manager 5.0.4

Features:

• New Wait n Seconds.., Deploy to Generic Server, RDP Gateway and RDP Listener Deployment Tasks

Fixes:

• CCS Export validation, cert full-cleanup job, script task error results, misc fixes

Certify SSL Manager 5.0.3

Fixes:

• Deleting deployment task, PowerShell/DNS path fixes

Features:

• CLI options targeting specific renewal categories

Certify SSL Manager 5.0.2

Fixes:

• PowerShell scripting task, deployment task status results

Features:

• UI for Deployment task last run status

Certify SSL Manager 5.0.1

Fixes:

• Post-ACME DNS Provider arguments, credential list UI binding

Certify SSL Manager 5.0.0

Multi-ACME Account Support

• New support for multiple ACME accounts (including BuyPass Go), additional/custom ACME CAs are configurable
• New support for using Staging accounts (useful for testing without affecting production rate limits).

Deployment Tasks:

• Unlimited pre/post-renewal Tasks tasks such as export, copying, scripting, webhooks.
• You can now defer and control deployment tasks so they can be part of scheduled maintenance outside of certificate renewal itself.
• Deploy to windows, linux or other SSH hosts.
• Deploy as specific users (windows, network, unix/linux)
• Flexible certificate/key export in a range of common formats
• Includes pre-built Deployment Tasks for MS Exchange, ADFS, Apache, nginx, Tomcat, CCS, Remote Access (VPN, SSTP), RDP Gateway/Listener

DNS Providers:

• 26 new DNS API providers via Posh-ACME. We now offer over 38 different DNS update providers/methods.
• New TransIP DNS API provider contributed by ErikVO https://github.com/ErikvO

Misc:

• Hundreds of smaller UI changes including IIS FTP site support, integrated documentation links for DNS providers etc, release notes UI
• Dark theme
• UI Scaling options for enhanced accessibility
• Command line option to scan for certificates that have been revoked to flag them for renewal
• Bug fixes (and perhaps some new bugs, keep an eye out for them!)