We are pleased to announce Topicus KeyHub 13.0. With this release our virtual appliance is ready for general use. Also we started delivering the first features for compliance management. As usual, a number of smaller improvements have been made and many issues have been fixed.
Topicus KeyHub virtual appliance
The Topicus KeyHub virtual appliance no longer has a beta status. It is now ready for general use. While the existing way of upgrading via the docker containers will remain possible, we recommend everyone to migrate to the appliance.
The following improvements to the appliance were made:
TKH-935Support for monitoring via SNMP was added.
TKH-939Logs can now be viewed directly from the appliance manager.
TKH-1000Let's encrypt can now be used to automatically obtain certificates.
TKH-1045Updates and backups can now be scheduled to run automatically.
TKH-1057The docker container for the internal reverse proxy has been rewritten from scratch to make it more secure, reliable and allow support for Let's encrypt.
TKH-1058The virtual appliance can now be configured to be backed up in various ways.
TKH-1064Not only the number of updates, but also the actual updates can now be inspected before updating.
TKH-1065The appliance manager now has a dashboard with the most important information about its performance.
TKH-1067Logs, docker images and backups are now automatically cleaned up over time.
TKH-1068Support for Xen HVM was added.
TKH-1071It is now possible to install directly from a backup.
TKH-1046 With Topicus KeyHub 13.0 we delivered the first feature for compliance management: auditing a group. A manager of a group can initiate an audit of the group, confirming the users in the group. In future versions, these audits can be reviewed by other managers and managers of the special security officers group. Expect many more features in this area in the upcoming releases!
Enforcing a rotating password on all users
TKH-965 To stimulate the use of a rotating password, which is much more secure than reusing your directory password, it is now possible to enforce this on all users via the directory. When enabled, users will be required to enable password rotation when they provision a group.
The following smaller improvements and bug fixes were made:
TKH-820As preparation for the dashboard for security officers, one group can now be marked as the security officers group.
TKH-882The performance of the My groups page has been improved.
TKH-1018Measuring test code coverage no longer results in numerous exceptions in the logs.
TKH-1019An audit record is now created when an account is (re)enabled.
TKH-1040A warning is shown when a password is entered with caps-lock enabled.
TKH-1043The performance and reliability of the audit log page has been improved.
TKH-1053The application server has been upgraded to WildFly 14.
TKH-1059Using very old bookmarks to the login page no longer triggers errors when invalid data is given via the
TKH-1060Broken pipes (and other I/O related errors) are no longer logged by default.
TKH-1061Multiple concurrent authentications for the same account from the same browser could cause all but the first to fail.
TKH-1062Pressing cancel when editing or viewing a vault record no longer causes the record to (visually) disappear from its vault.
TKH-1063Pressing ESC when searching for a record on some pop-overs could cause an error.
TKH-1066Providing a very long reason when activating a group no longer gives an error.
TKH-1069SSO with PagerDuty via SAML 2 is now supported.