Eclipse Vert.x Webauthn 4.2.2.1 and 4.1.7.1 released!
Users of the module vertx-auth-webauthn should have noticed that since Dec 15, 2021 09:00 UTC, you cannot start any
webauthn application. The reason is that the root certificate for Android safety net attestation has expired.
The root certificate has been replaced with:
https://aboutssl.org/globalsign-root-certificates-licensing-and-use/
Name gsr1
Thumbprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c
Valid Until 28 January 2028Users should only update this dependency until an upgrade to a regular next full stack release, for example, if you’re using maven as your build tool and on Vert.x 4.2.2, then:
<dependencies>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-core</artifactId>
<version>4.2.2</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-auth-webauthn</artifactId>
<!-- only this dependency version should be updated -->
<version>4.2.2.1</version>
</dependency>
</dependencies>The same applies for the previously maintained release 4.1.7:
<dependencies>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-core</artifactId>
<version>4.1.7</version>
</dependency>
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-auth-webauthn</artifactId>
<!-- only this dependency version should be updated -->
<version>4.1.7.1</version>
</dependency>
</dependencies>No release was made for the 3.9 series because the webauthn module was just introduced with 4.x. Extra measures have
been taken to ensure that expired certificates will not block the start of applications in the future.
Happy coding and see you soon on our user or dev channels.
