Releases: Venafi/vcert-python
Support for PKCS12 format and flexible validity periods
- Support for PKCS12 has been added to the response certificate. Calling
certificate.as_pkcs12("password")shall return the certificate content as PKCS12. - Support for flexible validity periods has been added. Setting a value to
request.validity_hours =144will create a certificate with the specified expiration time period. Additionally, an issuer can be defined for TPP withrequest.issuer_hint=IssuerHint.MICROSOFT(or any value available on the IssuerHint object)
Added ability to retrieve the private key for service generated CSR
Added parameter to specify whether the private key should be returned by the server
Support for Service Generated CSR on TPP
Added ability to enroll/renew certificates using service generated CSR
Fixes for Vaas compatibility.
- Removed 'keyReuse' attribute for policy specification creation on VaaS.
- Fixed an issue on the url validation that failed for urls containing upper cases.
Support for SSH Certificates
Added support for SSH certificates in Trust Protection Platform through the new methods:
request_ssh_cert() and retrieve_ssh_cert(). For usage examples check: https://github.com/Venafi/vcert-python/tree/master/examples/ssh_certificates
Timeout fixes
Added a default timeout for request operations in both TPP and VaaS
Certificate Policy Management fixes
- Policy Management token scope separated from Certificate Management scope. Certificate Management scope is now default.
- Fixed an issue where retrieving a policy from VaaS returned the domains values with appended regexes if the Policy was created using any of the vcert sdks. This issue does not happen if the policy was created using VaaS UI.
- Fixed an issue where the Country regexes where being returned as the CN regexes when retrieving a Policy from VaaS.
- Fixed an issue where certificates requested from VaaS would fail to be retrieved even when the status of the Certificate is ISSUED. A timeout has been added to the request, so the sdk will try to retrieve the Certificate for that long before failing.
Support for Certificate Policy Management
Added Certificate Policy Management for Trust Protection Platform and Venafi as a Service through the new set_policy() and get_policy() methods of the CloudConnection, TPPConnection and TPPTokenConnection classes. For a usage example see https://github.com/Venafi/vcert-python/blob/master/examples/set_policy.py
Transitioned Venafi Cloud integration to OutagePREDICT
This release updates the Venafi Cloud integration to use OutagePREDICT instead of DevOpsACCELERATE. The only impact to Venafi Cloud users of VCert-Python is the change in zone syntax. The zone is now "{ApplicationName}\{IssuingTemplateApiAlias}" (e.g. "My Application\My CIT").
Support for Custom Fields with Trust Protection Platform
✨ Added the ability to set Custom Field values when requesting a certificate