Horizon 2.7.2 release notes

Here are the release notes for EverTrust Horizon v2.7.2, released on 2025-02-26.

For the installation and upgrade procedure, please refer to the Installation and Upgrade guide.

Due to PQC introduction, RSA key types now need to be explicitly allowed. Previous behavior where RSA-2048 and RSA-4096 allowed RSA-3072 is no longer available

1. New Features

2. Enhancements

  • [HRZ-2691] - Add support for certificate authentication for all Azure services (AKV/Intune/Intune PKCS).

  • [HRZ-2692] - Added emission and expiration date of Certificate Authorities on the Trust Chains page.

  • [HRZ-2693] - Team’s technical name can now be retrieved from the self page.

  • [HRZ-2674] - Certificate authentication in mongo uri is now available (using mongosh syntax).

  • [HRZ-2676] - Dashboards: aggregation on the public key thumbprint is now available.

  • [HRZ-2680] - Improved performance when synchronizing big CRLs.

  • [HRZ-2685] - Added lease configuration for High Availability on RPM deployments.

  • [HRZ-2697] - Sidebar on web UI can now be resized.

3. Bug Fixes

  • [HRZ-2638] - Fixed a bug where team name was not displayed when requesting certificates.

  • [HRZ-2653] - Fixed a bug where configuration information were not displayed in Stream connector when the healthcheck failed.

  • [HRZ-2654] - Fixed a bug where challenges could not be retrieved from requests when using a specific configuration.

  • [HRZ-2661] - Fixed an issue with PKI Healthcheck metrics being incorrectly updated.

  • [HRZ-2675] - Fixed a bug where the incorrect error was sent when approving the same request multiple times.

  • [HRZ-2678] - Fixed a typo on the "certificate.label" dictionary in the "Certificate" notifications.

  • [HRZ-2687] - Fixed a bug where scheduled task revocation and renewal could be executed by another scheduled task on the same connector.

  • [HRZ-2695] - Fixed a bug when searching for certificates using analytics with limited rights on discovery campaigns.

4. Known Defects

  • [HRZ-2802] - Certificates are considered as non-compliant during automate routine if authorized keyTypes are defined on the profile

  • [HRZ-2807] - When using Intune PKCS with non-lowercase UPNs, certificate will be revoked when the schedule task executes. It is recommended to disable revocation from the schedule task

5. API modifications

  • [HRZ-2683] - CRL Info fields on route /api/v1/caches/crls were renamed. cRLNumber to number and crlSize to size.