Connect2id server 13.7.3
This release of the Connect2id server fixes a bug affecting deployments that have their signing RSA and / or EC keys stored in an Hardware Security Module (HSM). Details can be found in the release notes below.
Download 13.7.3
For the signature validation: Public GPG key
Standard Connect2id server edition
Apache Tomcat package with Connect2id server 13.7.3: Connect2id-server.zip
GPG signature: Connect2id-server.zip.asc
SHA-256: efe4f68520c6ef18512c1feadaaa462719e642bba570eb9c8667eaa16e00d67c
Connect2id server 13.7.3 WAR package: c2id.war
GPG signature: c2id.war.asc
SHA-256: a5b78089710452c2c33b03a1372d648035969d4dd6d814e5b0b9ac5ed19d13a4
Multi-tenant edition
Apache Tomcat package with Connect2id server 13.7.3: Connect2id-server-mt.zip
GPG signature: Connect2id-server-mt.zip.asc
SHA-256: a8991dc660b6c30ebcbc63fd971b9d1d67f336eb8825485e5bda10f66b7ac518
Connect2id server 13.7.3 WAR package: c2id-mt.war
GPG signature: c2id-mt.war.asc
SHA-256: 5d27fa07a3bc057108141b411edac40b418e249e82316d80b4b63bfaa4fdd709
Questions?
If you have technical questions about this new release contact Connect2id support. To purchase a production license for the Connect2id server, renew or upgrade your support and updates subscription, email our sales.
Release notes
13.7.3 (2023-04-14)
Resolved issues
- The validator of signing Connect2id server RSA and EC keys that are backed by a PKCS#11 store (HSM) must use the default or BouncyCastle JCA providers for the signature verification step to prevent public key extraction errors in jdk.crypto.cryptoki/sun.security.pkcs11.P11RSAKeyFactory / P11ECKeyFactory (issue server/857).