search

R1859 (14-Dec-2025)

This major release introduces new features as below:

hashtag
What's New

  • Public Links for Certificate Requests (Public & Private PKI): Users can now generate and share public request links for both Public and Private PKI certificate products, enabling easy request collection without portal access.

  • Basic Authentication for Public Links: A new authentication layer adds security to public request links, ensuring only authorized users can initiate certificate requests.

  • Fortigate, Palo Alto & Kubernetes Integrations: CERTInext now supports integrated workflows for Fortigate, Palo Alto, and Kubernetes environments, enhancing automated deployment and certificate onboarding.

  • OIDC SSO Integration (Okta & Azure): Single Sign-On via OIDC is now available with Okta and Azure, offering seamless and secure login experiences for enterprise users.

  • Expanded Protocol Support (Public & Private PKI): Support for ACME, SCEP, EST, and CMP protocols has been added, enabling flexible automation across diverse infrastructure environments.

  • Bulk Operations Enhancements: Users can now submit private PKI orders in bulk, approve multiple requests at once, and perform bulk downloads of certificates or PFX files for all supported products.

  • Request Certificates Without CSR (Private PKI): Private PKI users can now generate certificates without uploading a CSR; the system automatically provides a ready-to-use PFX file.

  • OAuth2 Support for REST APIs: REST API integrations now support OAuth2 for improved security, token-based access, and easier enterprise adoption.

  • Enhanced Discovery & Provisioning: Discovery and provisioning have been isolated for improved performance, with a revamped Bot creation page supporting script and GPO-based automation.

  • Flexible Bot Configuration (Individual & Bulk): Bots and certificates can now be configured individually or in bulk, allowing overrides and rapid adjustments across large deployments.

  • Multi-Server Certificate Mapping: A single certificate can now be mapped to multiple servers, improving reuse and simplifying deployment strategies.

  • Improved Scan & Bot Status Separation: Scan status is now completely isolated from Bot status, offering more accurate reporting and troubleshooting clarity.

  • Flexible Certificate Deployment Options: During deployment, users may choose between an existing certificate or request a new one, based on operational needs.

  • HTTP-Based DCV via Bot: When the Bot has access to the web-root directory, it can automatically complete HTTP-based DCV (emSign-supported only).

  • Renewal & Deployment Scheduler for Provisioning Bots: A new scheduler automates renewal and deployment tasks for provisioning Bots, reducing manual intervention.

  • Revamped Vulnerability Scanning: Vulnerability scanning for certificate connections has been enhanced to provide deeper insights and more actionable results.

  • Bulk Pause and Resume for Bots: Bots can now be paused, resumed, or reactivated in bulk, making large-scale operational control more efficient.

  • Rollback and Retry Certificate Deployment: Deployment failures can now be rolled back and reattempted, improving reliability and minimizing downtime.

  • Deployment Validation (Manual/Automatic): CERTInext now supports both manual and automated validation to confirm successful certificate deployment.

  • Database Certificate Discovery & Deployment: The platform now supports certificate discovery and deployment for database servers, expanding automation coverage.

  • Subscription & Auto-Renewal Options: New yearly subscription models and automatic renewal features have been introduced for continuous service availability.

  • Auto-Mapping of Provisioning Bots: Provisioning Bots can now auto-map based on the IP address where a certificate is detected, improving automation accuracy.

  • Bulk Certificate Import for Monitoring: Users can import large batches of certificates for monitoring, simplifying onboarding for existing infrastructures.

  • App Server Auto-Detection: Bots can automatically detect application servers and their configuration paths, reducing manual setup.

  • Alerts for Failed Provisioning: New alerts notify users when provisioning operations fail, enabling quicker troubleshooting and resolution.

  • Advanced Bot Performance Configuration: Administrators can configure throttling settings, threads, and batch processing parameters directly in the Bot configuration file.

  • Detailed Certificate History: Each certificate now includes a comprehensive history of all actions performed, offering full traceability and auditability.

  • Agentless Bot Discovery & Provisioning: Agentless Bots now support cross-platform discovery and provisioning, including Windows-to-Linux and Windows-to-Windows operations.

hashtag
Enhancements

  • Skip CSR for Private PKI Products: Private PKI users can now generate certificates without uploading a CSR, allowing the system to automatically create key material and issue a ready-to-use certificate package.

  • Custom Extensions for Private PKI Products: Administrators can now configure custom certificate extensions for Private PKI products, enabling advanced use cases and compliance-driven certificate customization.

  • Platform Localization for German and Spanish: CERTInext now supports full UI localization in German and Spanish, offering a native experience for multilingual teams and global deployments.

  • Bundled Module Views for Simplified Navigation: Related modules are now grouped into unified pages such as Orders + Organizations + Domains + Public Links, Private CAs + Products, combined API interfaces (REST, ACME, CMP, EST), Statements + Invoices, and consolidated User/Role management.

  • UI/UX Enhancements Across the Platform: A new color theme, support for light/dark modes, sortable grid columns, advanced search, Toastr notifications, collapsible PKI trees, redesigned product profile pages, updated action button layouts, and improved date formatting deliver a cleaner, modernized user experience.

  • Discovery: Delete and Re-Discover Certificates: Discovered certificates can now be deleted from inventory, allowing them to be re-discovered on future scans for improved lifecycle management.

  • Security Updates & Technology Upgrades: CERTInext now runs on Java 21, Bootstrap 5.3, and updated security libraries, along with architectural refinements that strengthen platform performance and reliability.

  • Certificate Authorities: Download All Certificates or Full Chain: Users can now download individual CA certificates or complete certificate chains directly from the Certificate Authorities section.

  • Certificate Authorities: Quick Actions for Suspend, Activate & Revoke: Suspend, activate, and revoke actions are now available as quick actions, improving administrative efficiency.

  • Certificate Authorities: CRL Download Support: CRLs can now be downloaded directly from the CA configuration page for operational and compliance purposes.

  • Private PKI Products: Quick Action Suspend/Activate: Administrators can now suspend or reactivate Private PKI products using quick actions, streamlining product lifecycle control.

  • Private PKI Products: Regex-Based Field Validation: Regex-based validation is now available for product fields, ensuring standardized input formats and reducing configuration errors.

  • Custom Roles: Expanded Permission Set: Additional permissions have been introduced for custom roles, offering finer control over access and operations.

  • Renewal Reminder for Private PKI Certificates: Private PKI certificate renewals are now included in the reminder system, ensuring timely action and continuous certificate availability.

  • IP Address Field Support for Private PKI: IP address–based fields are now available in Private PKI configurations, expanding usability for network-specific deployments.

  • Subnet-Based Discovery: Discovery jobs now support subnet-based scanning, improving visibility across distributed environments.

  • Dashboard Enhancements for Certificate Activity: New bar graphs display expiring certificates and total certificates issued, aligned with order activity for clearer operational insights.

  • Database SSL Certificate Discovery & Provisioning: The platform now supports SSL certificate discovery and provisioning for database servers, extending automation to additional infrastructure layers.

  • User Access Restrictions via Tags: Users can now be restricted based on assigned tags, providing granular access control across large organizations.

  • Partner/Sub-Partner Pricing Flexibility: Partner and sub-partner prices for products can now exceed the eMudhra base price, supporting reseller-specific pricing models.

PreviousR1924 (22-Feb-2026)NextR1619 (07-Apr-2025)

Last updated