1.1.24 (February 22 2024)
- Upgraded embedded OpenSSL to version 3.1.1.
- Default SSL ciphersuite is now set to HIGH:MEDIUM.
1.1.23 (November 2 2023)
- Upgraded embedded Apache to version 2.4.58 (including security fixes).
- Upgraded embedded OpenSSL to version 3.0.12 (long-term 3.x branch).
- Added a setting to listen on IPv6 interface (see waproxy.conf.default).
1.1.22 (October 16 2023)
- Allow the usage of API keys for exposed Web services.
> WebADM proposes client certificates and API keys for Web services.
- Upgraded embedded OpenSSL to version 1.1.1w (including security fixes).
1.1.21 (July 12 2023)
- Added a setting for configuring the maximum number of HTTP workers.
- Enhanced DDOS protection mechanisms.
1.1.20 (June 19 2023)
- Added a configuration for the front-end SOAP service port.
- Added a 'renew' launcher command to renew the SSL certificate and trust
bundle and reload the deamon.
> The renewal can be scheduled via a cron command.
1.1.19 (June 5 2023)
- Upgraded embedded Apache to version 2.4.57 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1u (including bug fixes).
- Added SELinux log context creation in the setup script.
1.1.18 (January 19 2023)
- Upgraded embedded Apache to version 2.4.55 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1s (including bug fixes).
- Fixed an HTTP issue with the responsefieldsize.
1.1.17 (May 6 2022)
- OCSP and CRL are available over HTTP and HTTPs.
- Apache SSL certificate auto-renewal complies with WebADM v2.1.9.
1.1.16 (April 13 2022)
- Upgraded embedded Apache to version 2.4.53 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1n (including bug fixes).
1.1.15 (January 18 2022)
- WebADM CA trust bundle is automatically trusted by WAProxy for PKI login.
> The CA bundle is auto-updated in 'conf/trusted.crt' at startup.
- Upgraded embedded Apache to version 2.4.52 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1m (including bug fixes).
1.1.14 (December 1 2021)
- Upgraded embedded Apache to version 2.4.51 (including security fixes).
1.1.13 (August 23 2021)
- Fixed URLs not ending with '/' beeing redirected to WebADM internal URL.
- Upgraded OpenSSL to version 1.1.1l (including security fixes).
1.1.12 (June 28 2021)
- Upgraded embedded Apache to version 2.4.48 (including security fixes).
1.1.11 ((March 29 2021)
- Upgraded OpenSSL to version 1.1.1k (including security fixes).
- Aligned log file's data/time format with WebADM log files.
1.1.10
- Fixed timeout issues with WebApps using OpenOTP Push login.
1.1.9
- Upgraded OpenSSL to version 1.1.1h (including security fixes).
- Added LetsEncrypt public certificate creation and auto-renewal.
1.1.8
- Upgraded embedded Apache to version 2.4.46 (including security fixes).
- Upgraded OpenSSL to version 1.1.1g (including security fixes).
- Fixed a back-end server failover issue.
- Fixed a timeout issue with mobile push login.
1.1.6
- Upgraded embedded Apache to version 2.4.41 (including security fixes).
- Fixed issues with setup script not finding GNU tools.
- Upgraded OpenSSL to version 1.1.1d (including security fixes).
- Fixed a setup problem where the OPENSSL variable is not defined.
- Fixed SSL communication issues when WebADM has a custom SSL certificate.
- Added a configuration to publish Web Services (not recommended).
- Added Docker start mode with '/opt/waproxy/bin/waproxy start docker'.
- Enhanced support for purchased trusted SSL certificates (ex. Verisign).
> Like in WebADM, you can add conf/custom.crt and conf/custom.key files.
- Setup creates SSL the certificate with SubjectAltName set.
- New SSL certificates are generated for one year for compliance with Chrome.
- Added OpenID-Connect .well-known alias under the server's root URL.
1.1.5
- Upgraded OpenSSL to version 1.1.1c (including security fixes).
> Set "ssl_protocol TLSv1.2 +TLSv1.1 +SSLv3" in conf/waproxy.conf if you
need support for older protocols (TLSv1.1 or SSLv3).
- Added SSL certificate auto-renewal (requires WebADM v1.7.3-1).
- Upgraded embedded Apache to version 2.4.39 (including security fixes).
- Removed DES-related ciphers from the embedded Apache TLS configuration.
- Fixed custom ssl_ciphersuite failing when configured in waproxy.conf.
1.1.4
- Upgraded OpenSSL to version 1.0.2q (including security fixes).
- Use OpenSSL FIPS module 2.0 (FIPS 140-2 certification).
- SSLCertificateChainFile point to the SSL certificate file.
- Added ssl_protocol and ssl_ciphersuite in waproxy.conf for changing
> Apache SSL protocol list and allowed encryption ciphers.
1.1.3
- Upgraded embedded Apache to version 2.4.33 (including security fixes).
- Updated OpenSSL libraries to version 1.0.2o (including security fixes).
- Updated SSL protocols and cypher suite to the current recommendations.
- Fixed Apache segfault with SSL caches.
- Fixed caching issues.
- Fixed second server failover.
- New setup wizard with server URL auto-configuration and SSL certificate
signed by WebADM CA (Rsignd).
1.1.2
- Added the security modules mod_evasive and mod_reqtimeout for DDoS
and slow HTTP request attack protection.
- Added HTTP caching for better performances.
- Upgraded OpenSSL to version 1.0.2k (security fixes).
- Added WAProxy backup and restore scripts in the bin/ directory.
> The scripts can be used for migrating WAProxy to a new server.
1.1.1
- This version of WAProxy is required for use with WebADM >= 1.5.8.
1.1.0
- Upgraded Apache server to version 2.4.25 (security fixes).
- Upgraded OpenSSL library to version 1.0.2j (security fixes).
- Added major enhancement to the setup script.
- Remove RSign setup requirements.
- Full Web Services proxy support has been removed.
> Web Services endpoints (OpenOTP & TiQR) are still included.
- Major code rewrite (please uninstall the old WAProxy first).
> You need WebADM vervion >= 1.5.7 with this version of WAProxy!
- Brand new configuration files' directives.
> Configurations from WAProxy versions 1.0.x are not compatible.
> You must uninstall WAProxy 1.0.x before installing this version!
1.0.3
- Added a new endpoint for OpenOTP mobile communications with
Push login and the RCDevs Authenticator.
- Upgraded Apache to version 2.4.23 and OpenSSL to version 1.0.2h.
- Upgraded embedded OpenSSL to version 3.1.1.
- Default SSL ciphersuite is now set to HIGH:MEDIUM.
1.1.23 (November 2 2023)
- Upgraded embedded Apache to version 2.4.58 (including security fixes).
- Upgraded embedded OpenSSL to version 3.0.12 (long-term 3.x branch).
- Added a setting to listen on IPv6 interface (see waproxy.conf.default).
1.1.22 (October 16 2023)
- Allow the usage of API keys for exposed Web services.
> WebADM proposes client certificates and API keys for Web services.
- Upgraded embedded OpenSSL to version 1.1.1w (including security fixes).
1.1.21 (July 12 2023)
- Added a setting for configuring the maximum number of HTTP workers.
- Enhanced DDOS protection mechanisms.
1.1.20 (June 19 2023)
- Added a configuration for the front-end SOAP service port.
- Added a 'renew' launcher command to renew the SSL certificate and trust
bundle and reload the deamon.
> The renewal can be scheduled via a cron command.
1.1.19 (June 5 2023)
- Upgraded embedded Apache to version 2.4.57 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1u (including bug fixes).
- Added SELinux log context creation in the setup script.
1.1.18 (January 19 2023)
- Upgraded embedded Apache to version 2.4.55 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1s (including bug fixes).
- Fixed an HTTP issue with the responsefieldsize.
1.1.17 (May 6 2022)
- OCSP and CRL are available over HTTP and HTTPs.
- Apache SSL certificate auto-renewal complies with WebADM v2.1.9.
1.1.16 (April 13 2022)
- Upgraded embedded Apache to version 2.4.53 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1n (including bug fixes).
1.1.15 (January 18 2022)
- WebADM CA trust bundle is automatically trusted by WAProxy for PKI login.
> The CA bundle is auto-updated in 'conf/trusted.crt' at startup.
- Upgraded embedded Apache to version 2.4.52 (including security fixes).
- Upgraded embedded OpenSSL to version 1.1.1m (including bug fixes).
1.1.14 (December 1 2021)
- Upgraded embedded Apache to version 2.4.51 (including security fixes).
1.1.13 (August 23 2021)
- Fixed URLs not ending with '/' beeing redirected to WebADM internal URL.
- Upgraded OpenSSL to version 1.1.1l (including security fixes).
1.1.12 (June 28 2021)
- Upgraded embedded Apache to version 2.4.48 (including security fixes).
1.1.11 ((March 29 2021)
- Upgraded OpenSSL to version 1.1.1k (including security fixes).
- Aligned log file's data/time format with WebADM log files.
1.1.10
- Fixed timeout issues with WebApps using OpenOTP Push login.
1.1.9
- Upgraded OpenSSL to version 1.1.1h (including security fixes).
- Added LetsEncrypt public certificate creation and auto-renewal.
1.1.8
- Upgraded embedded Apache to version 2.4.46 (including security fixes).
- Upgraded OpenSSL to version 1.1.1g (including security fixes).
- Fixed a back-end server failover issue.
- Fixed a timeout issue with mobile push login.
1.1.6
- Upgraded embedded Apache to version 2.4.41 (including security fixes).
- Fixed issues with setup script not finding GNU tools.
- Upgraded OpenSSL to version 1.1.1d (including security fixes).
- Fixed a setup problem where the OPENSSL variable is not defined.
- Fixed SSL communication issues when WebADM has a custom SSL certificate.
- Added a configuration to publish Web Services (not recommended).
- Added Docker start mode with '/opt/waproxy/bin/waproxy start docker'.
- Enhanced support for purchased trusted SSL certificates (ex. Verisign).
> Like in WebADM, you can add conf/custom.crt and conf/custom.key files.
- Setup creates SSL the certificate with SubjectAltName set.
- New SSL certificates are generated for one year for compliance with Chrome.
- Added OpenID-Connect .well-known alias under the server's root URL.
1.1.5
- Upgraded OpenSSL to version 1.1.1c (including security fixes).
> Set "ssl_protocol TLSv1.2 +TLSv1.1 +SSLv3" in conf/waproxy.conf if you
need support for older protocols (TLSv1.1 or SSLv3).
- Added SSL certificate auto-renewal (requires WebADM v1.7.3-1).
- Upgraded embedded Apache to version 2.4.39 (including security fixes).
- Removed DES-related ciphers from the embedded Apache TLS configuration.
- Fixed custom ssl_ciphersuite failing when configured in waproxy.conf.
1.1.4
- Upgraded OpenSSL to version 1.0.2q (including security fixes).
- Use OpenSSL FIPS module 2.0 (FIPS 140-2 certification).
- SSLCertificateChainFile point to the SSL certificate file.
- Added ssl_protocol and ssl_ciphersuite in waproxy.conf for changing
> Apache SSL protocol list and allowed encryption ciphers.
1.1.3
- Upgraded embedded Apache to version 2.4.33 (including security fixes).
- Updated OpenSSL libraries to version 1.0.2o (including security fixes).
- Updated SSL protocols and cypher suite to the current recommendations.
- Fixed Apache segfault with SSL caches.
- Fixed caching issues.
- Fixed second server failover.
- New setup wizard with server URL auto-configuration and SSL certificate
signed by WebADM CA (Rsignd).
1.1.2
- Added the security modules mod_evasive and mod_reqtimeout for DDoS
and slow HTTP request attack protection.
- Added HTTP caching for better performances.
- Upgraded OpenSSL to version 1.0.2k (security fixes).
- Added WAProxy backup and restore scripts in the bin/ directory.
> The scripts can be used for migrating WAProxy to a new server.
1.1.1
- This version of WAProxy is required for use with WebADM >= 1.5.8.
1.1.0
- Upgraded Apache server to version 2.4.25 (security fixes).
- Upgraded OpenSSL library to version 1.0.2j (security fixes).
- Added major enhancement to the setup script.
- Remove RSign setup requirements.
- Full Web Services proxy support has been removed.
> Web Services endpoints (OpenOTP & TiQR) are still included.
- Major code rewrite (please uninstall the old WAProxy first).
> You need WebADM vervion >= 1.5.7 with this version of WAProxy!
- Brand new configuration files' directives.
> Configurations from WAProxy versions 1.0.x are not compatible.
> You must uninstall WAProxy 1.0.x before installing this version!
1.0.3
- Added a new endpoint for OpenOTP mobile communications with
Push login and the RCDevs Authenticator.
- Upgraded Apache to version 2.4.23 and OpenSSL to version 1.0.2h.
