Release 4.2.0.0
March 20, 2025
What's New?
Import Intermediate and Root Certificate
With this release, we have extended our support to import Intermediate and Root certificates. Earlier, you could only import Leaf certificates. This enhancement allows for a more comprehensive certificate management.
Benefits
In certificate management, Root and Intermediate certificates play an important role as they establish a chain of trust. This chain allows for the secure verification of digital certificates by creating a hierarchical structure. The root certificate serves as the trust anchor, while intermediate certificates connect the root certificate to individual end-user certificates. This setup ensures that only trusted entities can issue certificates, reducing security risks by keeping the highly sensitive root key isolated from daily operations.
To view the option to import a certificate, navigate to the Certificate tab and click New > Import.
New Tokens for Certificates and Assets Tabs
We have introduced two new tokens for the Certificates and Assets tab. These tokens allow you to view details of the most recently found certificates and assets.
These tokens help search for the most recently found certificates and assets. They streamline the process of monitoring security assets, making it easier to stay organized. They can also help ensure that renewals are completed on time, preventing any lapses in protection. They make it easier to keep track of security assets, helping you stay organized. They also help ensure that renewals happen on time, avoiding any gaps in protection.
| Name | Description | Example |
|---|---|---|
| certificate:(lastFound | Use a date range or specific date to search last found certificate. | certificate:(lastFound: [2024-06-15 .. 2025-01-30]) |
| asset:(lastFound | Use a date range or specific date to search the last found asset. | asset:(lastFound: '2024-12-14') |
Upgrade in SSL Grades to Support TLS 1.3
With this release, we have upgraded in SSL grading system to support TLS 1.3.
Following are the updates:
- Removal of TLS_FALLBACK_SCSV from Grading:
- TLS_FALLBACK_SCSV is no longer considered for grading purposes.
- Previously, a warning was issued for systems not supporting TLS_FALLBACK_SCSV, but this is no longer applicable.
- Increased Importance of TLS 1.3 Support:
- If TLS 1.3 is not supported, a warning is issued.
- The minimum grade for systems not supporting TLS 1.3 is capped at 'A-'.
- HSTS Status Impact:
If HSTS (HTTP Strict Transport Security) is disabled or invalid, a warning will be issued, and the grade will be dropped from 'A' to 'A-'.
Benefits
- Enhanced Security
TLS 1.3 is important for security. It improves data security by eliminating outdated cryptography and making connections quicker and easier. It makes sure that mandatory forward secrecy keeps past communications secure even if a private key is stolen. Using TLS 1.3 helps to meet compliance with regulations and improves security against digital threats.
-
Upgrading TLS 1.3 helps in
-
ensuring stronger Cipher Suites and client authentication is always confidential.
-
reducing latency and speeding up connections.
-
To know more, read our latest blog, Key Changes in SSL Labs Grading and Qualys Certificate View.
Ensure that your systems are up-to-date with these changes to maintain compliance and optimal security standards.
Issues Addressed
| Category/Component | Issue |
|---|---|
| Certificate Reporting | We resolved an issue where users could not save settings for delivering the report as an attachment over email. |
| Certificate UI | We resolved an issue where users could not import DigiCert CA to the configuration tab by making relevant code changes. |