Release Notes

Update: The CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. Connector Client now includes retry logic to resubmit result data if the following errors are encountered:
- The SSL TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. connection could not be established, see inner exception. (80131620)
- A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
This is in addition to pre-existing retry logic for other scenarios such as receiving a 503 Service Unavailable from the server.

Update: The CA Connector Client now supports installation in container. Instructions are provided for Docker, Kubernetes without Helm and Kubernetes with Helm. Containerized CA Connector Client supports HTTPS CAs only.
Fix: For Linux installs, when a destination is not specified, the logs directory is now created in the correct location (/opt/keyfactor/ca-connector/logs).

Update: The default installation path for Linux installs has changed to:

/opt/keyfactor/ca-connector

Update: An appsetting.json parameter A parameter or argument is a value that is passed into a function in an application. has been added to specify which transport protocol (WebSockets or LongPolling) should be used for the communication between the CA Connector Client and the CA Connector API An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. on the Keyfactor Command server (see Appsettings.json File).
Update: A CAConfigCacheExpirationMinutes parameter has been added to specify the number of minutes that the CA configuration will be cached before being cleared.

Update: The install now does a connectivity test to Keyfactor Command and the OAuth identity provider before beginning the install to confirm a connection to both. If the connection to either fails, including SSL connectivity issues, the install will be terminated. Some connection states result in a warning and the installation will continue. For example, a warning will appear if no CA connector record matching the name of the CA Connector Client being installed is found in Keyfactor Command (see Preparing).
Update: A NoValidate parameter has been added to skip the connectivity test to Keyfactor Command and the OAuth identity provider.

Highlight: The connector client has been updated to communicate directly with Keyfactor Command rather than via the remote CA service and configuration that was previously done in the Remote CA Configuration Portal is now done in the Keyfactor Command Management Portal.
Update: The connector client uses OAuth token authentication to authenticate to Keyfactor Command.
Update: The connector client uses RabbitMQ to manage communications between the CA Connector Client and Keyfactor Command.
Update: The connector client now requires .NET 8.
Update: A script has been added to support changing connector client secrets (see Change Service Account Passwords).
Update: An Audience parameter has been added to support token authentication.

Was this page helpful? Provide Feedback

Version v25.2.1

On this page: