Changelog for certmonger-0.19-1.fc13.i686.rpm :
Tue Mar 23 13:00:00 2010 Nalin Dahyabhai 0.19-1
- update to 0.19
- correctly initialize NSS databases that need to be using a PIN
- add certmonger.conf, for customizing notification timings and settings,
and use of digests other than the previously-hard-coded SHA256, and
drop those settings from individual requests
- up the default self-sign validity interval from 30 days to 365 days
- drop the first default notification interval from 30 days to 28 days
(these two combined to create a fun always-reissuing loop earlier)
- record the token which contains the key or certificate when we\'re
storing them in an NSS database, and report it
- improve handling of cases where we\'re supposed to use a PIN but we
either don\'t have one or we have the wrong one
- teach getcert to accept a PIN file\'s name or a PIN value when adding
a new entry
- update the IPA submission helper to use the new \'request_cert\' signature
that\'s landing soon
- more tests

Fri Feb 12 13:00:00 2010 Nalin Dahyabhai 0.18-1
- update to 0.18
- add support for using encrypted storage for keys, using PIN values
supplied directly or read from files whose names are supplied
- don\'t choke on NSS database locations that use the \"sql:\" or \"dbm:\"
prefix

Mon Jan 25 13:00:00 2010 Nalin Dahyabhai 0.17-2
- make the D-Bus configuration file (noreplace) (#541072)
- make the %check section and the deps we have just for it conditional on
the same macro (#541072)

Wed Jan 6 13:00:00 2010 Nalin Dahyabhai 0.17-1
- update to 0.17
- fix a hang in the daemon (Rob Crittenden)
- documentation updates
- fix parsing of submission results from IPA (Rob Crittenden)

Fri Dec 11 13:00:00 2009 Nalin Dahyabhai 0.16-1
- update to 0.16
- set a umask at startup (Dan Walsh)

Tue Dec 8 13:00:00 2009 Nalin Dahyabhai 0.15-1
- update to 0.15
- notice that a directory with a trailing \'/\' is the same location as the
directory without it
- fix handling of the pid file when we write one (by actually giving it
contents)

Tue Nov 24 13:00:00 2009 Nalin Dahyabhai 0.14-1
- update to 0.14
- check key and certificate location at add-time to make sure they\'re
absolute paths to files or directories, as appropriate
- IPA: dig into the \'result\' item if the named result value we\'re looking
for isn\'t in the result struct

Tue Nov 24 13:00:00 2009 Nalin Dahyabhai 0.13-1
- update to 0.13
- change the default so that we default to trying to auto-refresh
certificates unless told otherwise
- preemptively enforce limitations on request nicknames so that they
make valid D-Bus object path components

Tue Nov 24 13:00:00 2009 Nalin Dahyabhai 0.12-1
- update to 0.12
- add a crucial bit of error reporting when CAs reject our requests
- count the number of configured CAs correctly

Mon Nov 23 13:00:00 2009 Nalin Dahyabhai 0.11-1
- update to 0.11
- add XML-RPC submission for certmaster and IPA
- prune entries with duplicate names from the data store

Fri Nov 13 13:00:00 2009 Nalin Dahyabhai 0.10-1
- update to 0.10
- add some compiler warnings and then fix them

Fri Nov 13 13:00:00 2009 Nalin Dahyabhai 0.9-1
- update to 0.9
- run external submission helpers correctly
- fix signing of signing requests generated for keys stored in files
- only care about new interface and route notifications from netlink,
and ignore notifications that don\'t come from pid 0
- fix logic for determining expiration status
- correct the version number in self-signed certificates

Tue Nov 10 13:00:00 2009 Nalin Dahyabhai 0.8-1
- update to 0.8
- encode windows UPN values in requests correctly
- watch for netlink routing changes and restart stalled submission requests
- \'getcert resubmit\' can force a regeneration of the CSR and submission

Fri Nov 6 13:00:00 2009 Nalin Dahyabhai 0.7-1
- update to 0.7
- first cut at a getting-started document
- refactor some internal key handling with NSS
- check for duplicate request nicknames at add-time

Tue Nov 3 13:00:00 2009 Nalin Dahyabhai 0.6-1
- update to 0.6
- man pages
- \'getcert stop-tracking\' actually makes the server forget now
- \'getcert request -e\' was redundant, dropped the -e option
- \'getcert request -i\' now sets the request nickname
- \'getcert start-tracking -i\' now sets the request nickname

Mon Nov 2 13:00:00 2009 Nalin Dahyabhai 0.5-1
- update to 0.5
- packaging fixes
- add a selfsign-getcert client
- self-signed certs now get basic constraints and their own serial numbers
- accept id-ms-kp-sc-logon as a named EKU value in a request

Thu Oct 29 13:00:00 2009 Nalin Dahyabhai 0.4-1
- update to 0.4

Thu Oct 22 14:00:00 2009 Nalin Dahyabhai 0.1-1
- update to 0.1

Sun Oct 18 14:00:00 2009 Nalin Dahyabhai 0.0-1
- initial package