sscg-3.0.7

What's Changed

• Rework CI tests for new Github runners by @sgallagher in #73
• Ensure 'critical' basicConstraint for CA cert by @sgallagher in #75

Full Changelog: sscg-3.0.6...sscg-3.0.7

sscg-3.0.6

What's Changed

• Extend maximum DNS name to 255 by @sgallagher in #70
• Fix compatibility with OpenSSL 3.4+

Full Changelog: sscg-3.0.5...sscg-3.0.6

sscg-3.0.5

Full Changelog: sscg-3.0.4...sscg-3.0.5

sscg-3.0.4

Full Changelog: sscg-3.0.3...sscg-3.0.4

sscg-3.0.3

What's Changed

• Debian packaging: Drop obsolete popt paragraph by @martinpitt in #53
• CI: Drop CentOS Linux, long live CentOS Stream! by @sgallagher in #54
• Packit: Drop redundant epel-8 build by @sgallagher in #55
• Get Fedora container images from Quay.io by @sgallagher in #57
• Truncate IP address in SAN by @sgallagher in #56
• Modernize the Packit configuration by @sgallagher in #58
• Increase create_csr_test unit test timeout by @martinpitt in #60
• Add tests for cert validity and key strength by @sgallagher in #61
• dhparams: don't fail if default file can't be created by @sgallagher in #62
• Update Github checkout to v3 by @sgallagher in #63
• Track the latest run-on-arch action by @sgallagher in #64
• Add Ubuntu 22.04 to the test matrix by @sgallagher in #65

Full Changelog: sscg-3.0.2...sscg-3.0.3

SSCG 3.0.2

What's Changed

• Debian packaging: Accept *.tar.gz files as well, bump test timeouts by @martinpitt in #48
• Debian packaging: Drop bogus Recommends: by @martinpitt in #49
• dhparams: Fix the FIPS_mode() call for OpenSSL 3.0 by @schopin-pro in #51

New Contributors

• @schopin-pro made their first contribution in #51

Full Changelog: sscg-3.0.1...sscg-3.0.2

SSCG 3.0.1

What's Changed

• Debian packaging: Add subprojects/popt to copyright by @martinpitt in #26
• Debian packaging updates, fix build failures due to test timeout, fix CI on Fedora/CentOS by @martinpitt in #27
• Correct certificate lifetime calculation by @allisonkarlitskaya in #28
• Drop popt and clean up git archive by @sgallagher in #34

New Contributors

• @allisonkarlitskaya made their first contribution in #28

Full Changelog: sscg-3.0.0...sscg-3.0.1

sscg 3.0

sscg 3.0

New features

• Support for OpenSSL 3.0
• Support for outputting named Diffie-Hellman parameter groups
• Support for CentOS Stream 9

Major version notes

• SSCG now requires OpenSSL 1.1.0 or later.
• sscg will now always output DH parameters to a PEM file. It will default to using the ffdhe4096 group.
• Generated certificate lifetime now defaults to 398 days, rather than ten years to conform to modern browser expectations.

sscg-2.6.2: Release SSCG 2.6.2

Stephen Gallagher (5):

• Fix missing error check
• Read long password files properly
• Make clang-format optional
• Fix Coverity scans
• Release 2.6.2

sscg 2.6.1

Changelog

Stephen Gallagher (14):

• Bump version to 2.6.1dev
• Fix help message for --client-key-file
• Run clang-format
• Further clarify --client-key-file help message
• Check that key passphrases are within 4-1023 characters
• Output private keys with 2048 iteration count
• Rework passphrase handling
• Fix wrong x509 version in CSR
• Fix memory leaks
• Fix alignment issue with popt
• Prevent uninitialized read error
• Add missing newline for error message
• Fix OpenSSL 1.0 support
• Fix formatting