Eclipse Vert.x Webauthn 4.2.2.1 and 4.1.7.1 released!

Users of the mod­ule vertx-auth-webauthn should have no­ticed that since Dec 15, 2021 09:00 UTC, you can­not start any we­bau­thn ap­pli­ca­tion. The rea­son is that the root cer­tifi­cate for An­droid safety net at­tes­ta­tion has ex­pired.

The root cer­tifi­cate has been re­placed with:

 https://aboutssl.org/globalsign-root-certificates-licensing-and-use/
  Name  gsr1
  Thumbprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c
  Valid Until   28 January 2028

Users should only up­date this de­pen­dency until an up­grade to a reg­u­lar next full stack re­lease, for ex­am­ple, if you’re using maven as your build tool and on Vert.x 4.2.2, then:

  <dependencies>
    <dependency>
      <groupId>io.vertx</groupId>
      <artifactId>vertx-core</artifactId>
      <version>4.2.2</version>
    </dependency>

    <dependency>
      <groupId>io.vertx</groupId>
      <artifactId>vertx-auth-webauthn</artifactId>
      <!-- only this dependency version should be updated -->
      <version>4.2.2.1</version>
    </dependency>

  </dependencies>

The same ap­plies for the pre­vi­ously main­tained re­lease 4.1.7:

  <dependencies>
    <dependency>
      <groupId>io.vertx</groupId>
      <artifactId>vertx-core</artifactId>
      <version>4.1.7</version>
    </dependency>

    <dependency>
      <groupId>io.vertx</groupId>
      <artifactId>vertx-auth-webauthn</artifactId>
      <!-- only this dependency version should be updated -->
      <version>4.1.7.1</version>
    </dependency>

  </dependencies>

No re­lease was made for the 3.9 se­ries be­cause the webauthn mod­ule was just in­tro­duced with 4.x. Extra mea­sures have been taken to en­sure that ex­pired cer­tifi­cates will not block the start of ap­pli­ca­tions in the fu­ture.

Happy cod­ing and see you soon on our user or dev chan­nels.

Next post

Eclipse Vert.x 4.2.3 released!

Eclipse Vert.x version 4.2.3 has just been released.

Read more
Previous post

Eclipse Vert.x 3.9.11 released!

Eclipse Vert.x version 3.9.11 has just been released.

Read more
Related posts

JWT Authorization for Vert.x with Keycloak

In this blog post, you'll learn about JWT foundations, protect routes with JWT Authorization, JWT encoded tokens, and RBAC with Keycloak

Read more

Things to keep in mind concerning CSRF attacks

Eclipse Vert.x like most frameworks provides an anti-CSRF defense. However, no framework can prevent all attack vectors that exist in the web. Therefore, developers need to be aware of some dangers and common attack vectors concerning CSRF defenses.

Read more

Easy SSO for Vert.x with Keycloak

In this blog post, you'll learn how to implement Single Sign-on with OpenID Connect and how to use Keycloak together with Eclipse Vert.x.

Read more