Change Log
- Form to request Code Signing certificates
- Form to request Sub CA certificates, e.g. for Firewalls that inspect TLS traffic
- Form to manually request user certificates, e.g. for RDP or AVD SSO or import on smart cards like Yubikeys
- More to be announced
- Store certificates issued via Jamf, Static, Static-AAD, and DC endpoints in Storage Account (and allow manual revocation in Certificate Master)
- Partial support of ECC CAs
- Better error messages on some faults
- Improvements to compliance checks
- An additional extension better suppresses usage of ephemeral certificates on Windows
- An additional SCEP endpoint for Apple devices prevents issuance of ephemeral certificates
- Fake CDP endpoint for cases where a CRL is technically required (the CRL contains no entries yet, though)
- Minor bugfixes/improvements
- Better compatibility with Microsoft's API changes to list certificate issued via Intune
- Minor improvements
- Improved installation experience
- Intune-enrolled user certificates become invalid when user risk exceeds a configured threshold (requires an additional permission for which you must re-run the SCEPman configuration script)
- Library updates
- UI improvements
- Additional certificate file formats for Certificate Master
- Certificate Master lists issued client certificates for manual revocation (requires an additional permission for which you must re-run the SCEPman configuration script)
- Library updates
- Library and Framework updates
- Improved Performance with .NET 6
- Other library updates
- Robustness
- Bearer Authentication for Jamf Classic API
- Minor Improvements
- Manually issue TLS Server certificates
- Revoke manually issued certificates
- Search for manual certificates
- Library and Framework updates
- Improved Performance with .NET 5
- Azure Key Vault
- Other library updates
- New UI
- So beautiful and with a new logo
- Detailed information on activated SCEP endpoints
- Various minor improvements
- Also working for Windows devices during enrollment
- Minor advancements
- Improved error messages
- Improved robustness in exceptional situations
- Correct answers to invalid OCSP requests, which may occur rarely for certificates issued by SCEPman 1.5 or earlier
- Option to configure a "Clock Skew" for clients with clocks running slow (> 10 minutes), which happens in few tenants for Intune-managed Windows devices
- Logging
- Less log clutter on Info level
- Performance
- Caching some repeated requests to Graph API
- Bugfix regarding OCSP checks for certificates issued via JAMF
- Moved the release path to https://github.com/scepman/install. Please update your setting WEBSITE_RUN_FROM_PACKAGE as described in Section Application Artifacts.
- Minor advancements
- Workaround a bug on some Android versions to gain correct validity periods
- SCEPman CA certificates receive an Extended Key Usage to improve compatibility with some versions of Cisco ISE
- Further improvements to error messages
- Updated some dependencies
- Improved Homepage
- Bugfix where some OCSP requests were unanswered
- Bugfix impacting local logging
- Support for certificates for Domain Controllers, especially for use in Windows Hello for Business (Enterprise Edition only)
- Improved error logging
- Bug fixing
- Key Usage, Extended Key Usage, and validity period configured in the request (i.e. in Intune)
- Improved performance when answering certificate and OCSP requests
- Performance enhancements
- Bug fixing
- Support for Authentication-Only user certificates (VPN, Wifi, network) in addition to device certificates.
- Support for Intune blade certificate list
- Changed Log component
- Support for SAN Attributes
- Sanity Checks
- First release of Community Edition
- Initial release
Last modified 1mo ago