Jul
03
2026
Certificate filter
- Added an automatic certificate filter to the certificate/key load mechanism that will prevent corrupt, bad structured or inconsistent certificates and keys into the system which may cause problems in cryptographic operations later. These are:
- Syntax errors in URIs within the Subject Alternative Names (e.g. invalid spaces or special characters)
- Invalid IP address formats in the Subject Alternative Names (e.g. malformed bytes for IPv4/IPv6)
- Faulty ASN.1 encoding of the Subject Alternative Names extension in the certificate
- Invalid string formatting or incorrect escapes in the Distinguished Name (DN) of the Subject
- Unknown or invalid OIDs (Object Identifiers) in the Subject of the certificate
- Mismatched Algorithms (algorithm conflict between Private Key and Public Key in the end-entity certificate)
- Incorrect password or corrupt encryption of the specific Private Key in the keystore
- Structurally faulty certificate chains in key entries
- Dependencies: Updated HikariCP to 7.1.0
- Dependencies: Updated Postgres jdbc driver to 42.7.12