v1.5.6: Certificate Store, Easier HTTPS Changes, and Safer Certificate Rollovers
Version 1.5.6 adds Certificate Store, integration certificate assignment, safer default HTTPS selection, and automatic recovery after certificate changes.
Version 1.5.6 improves how operators manage HTTPS and integration certificates.
✨ New Features
Certificate Store
One place for certificate work: HTTPS, OPC UA trust, and integration certificates are managed from a single screen.
Clear certificate detail: Operators can see expiry, type, private-key status, usage, and profile references before applying a certificate.
Starter certificate on first setup: New environments can come up with an automatically generated self-signed certificate until a production certificate is imported.
Certificate Store detail view
Integration certificate assignment
Cleaner assignment flow: AWS IoT Core, MQTT, Sparkplug B, and OPC UA use certificates selected from the UI.
Less manual editing: Proxus resolves the runtime material automatically.
Cleaner profile forms: Internal runtime-only fields stay out of normal editing flows.
OPC UA trust management
Trusted and rejected certificate actions: Operators can manage trust decisions directly from the Certificate Store.
Visible trust usage: Certificate detail pages show whether a certificate is used by client or trusted-server profiles.
🔧 Improvements
Safer default HTTPS selection
Private key check before activation: A certificate without a private key can no longer be used as the default HTTPS certificate.
Single active default: Proxus keeps only one active default certificate.
Clearer titles: Certificate tabs and detail headers now prefer shorter, more readable names.
Certificate Store list view
Better Cloudflare readiness
Proper PEM + key import flow: Cloudflare Origin Certificates can now be imported together with their private key and used for platform HTTPS.
Safer guidance for Full (strict): Public certificates without private keys are stored correctly but rejected for HTTPS server mode.
Automatic recovery after certificate changes
UI recovery on restart: When the active UI HTTPS certificate changes, Proxus rotates the Data Protection key ring automatically.
Edge recovery on restart: The same protection now applies on the edge/runtime side.
Archived legacy keys: Older protected key files are archived during certificate rollover instead of blocking startup.
📌 Operational Notes
Changing the default HTTPS certificate is expected to invalidate existing sessions and cookies.
Restart the affected service after setting a new default HTTPS certificate.
For Cloudflare Full (strict), import both the certificate and the private key.
We use essential cookies for our website to function properly and analytics cookies to improve your experience.
Read our Cookie Policy for more information.
