Trustpoint

Recent Releases

Stay updated with our latest releases and announcements

v0.5.0

Development Roadmap

Future
  • PKCS#11 Support โ€“ enables secure key storage and cryptographic operations using hardware security modules (HSMs).
  • Signing Authority (Hash and Sign) โ€“ introduces a service for external signing requests, supporting hash-and-sign operations.
  • Workflow Engine โ€“ adds customizable workflows with E-Mail notifications and webhook integrations for event-driven automation.
  • Registration Authority (RA) Functionality โ€“ extends Trustpoint to operate as a dedicated RA for validation and approval processes.
  • Enhanced CMP Functionalities โ€“ adds support for certificate revocation, extended request handling, and compliance with RFC standards.
  • Refactored Request Workflow โ€“ unifies and improves handling of CMP, EST, and REST requests for better reliability and scalability.
v0.4.0

Beta Release V0.4.0

12/2025
  • Workflow engine with approvals, webhooks, and notifications โ€“ introduced structured workflows to support controlled and auditable trust processes
  • REST API based on Django REST Framework โ€“ added programmatic access for automation and external integrations.
  • PKCS#11 support with SoftHSM integration โ€“ introduced experimental HSM-based cryptographic operations using the PKCS#11 interface.
  • Signing application and hash-based signing โ€“ enabled signing workflows for external data using hash-and-sign mechanisms.
  • Configurable certificate profiles โ€“ introduced standardized and customizable certificate profile definitions (initial implementation).
  • Certificate profile integration into request workflows โ€“ integrated certificate profiles into certificate request processing (work in progress).
  • Extended signer creation โ€“ enabled signer creation during domain and device onboarding.
  • Help pages refactor โ€“ improved structure and clarity of in-application help content.
  • Certificate lifecycle management UX optimization โ€“ refined workflows for issuing, renewing, and managing certificates.
  • Certificate detail access improvements โ€“ detailed issuing CA information is now accessible from domain tables.
  • Management App TLS certificate generation and selection โ€“ improved handling and configuration of TLS certificates.
  • Dashboard updates โ€“ visual and functional improvements to dashboard views.
  • Improved request pipelines for CMP and EST โ€“ more robust and consistent certificate request handling.
  • UI layout improvements โ€“ multiple layout and consistency improvements across the user interface.
  • Documentation updates โ€“ improvements to README and general documentation.
  • Code quality and security improvements โ€“ continued alignment with Ruff, MyPy, unit testing, and OpenSSF best practices.
  • 71% unit test coverage โ€“ 2,425 test cases implemented, with ongoing efforts to increase coverage.
v0.3.0

Beta Release V0.3.0

9/2025
  • Stabilisation and code quality improvements โ€“ addressing linting, typing (Ruff, MyPy), imports, documentation and overall maintainability.
  • Docker/Deployment/CI improvements โ€“ ensuring smoother container orchestration, compose actions, manual builds and versioning.
  • Backup and restore support for Docker environments enables reliable configuration migration and updates.
  • Feature enhancements/bug fixes, including OPC UA GDS support, certificate model updates, UI fixes and domain relation improvements.
  • CycloneDX and SPDX SBOMs: Trustpoint now provides a software bill of materials for improved transparency and compliance.
  • Notifications have been refactored to provide more structured notifications, enhanced help/support views and UI fixes in management, settings and logging.
  • Zero-touch onboarding with AOKI: added support for EST and CMP to enable automated onboarding.
  • Granular protocol enabling per device allows finer control of enabled protocols.
  • Auto-generation of local root CA and issuing CA simplifies setup and testing.
  • Docker and GitHub Actions/workflows have been improved to enhance build, tagging and manual compose processes.
  • Improved help pages for certificate lifecycle management โ€“ clearer guidance and documentation for issuing and renewing certificates.
v0.2.0

Beta Release V0.2.0

3/2025
  • Setup wizard & improved onboarding โ€“ introduced an initial setup assistant and streamlined onboarding workflows for easier first-time configuration.
  • Remote credential download (browser onboarding) โ€“ enabled users to securely download credentials directly via the browser onboarding process.
  • Credential revocation (CRL) & security fixes โ€“ added certificate revocation list generation and multiple security-related improvements.
  • Major code & onboarding refactor โ€“ significant restructuring of onboarding logic and core components for stability and maintainability.
  • Docker & startup improvements; moved to uv โ€“ optimized container startup, reduced image complexity, and transitioned to the uv runtime for better performance.
  • Enhanced testing & demo data โ€“ expanded test coverage, added demo datasets, PostgreSQL support, and new signature suites for testing.
  • Key dependency updates โ€“ upgraded to Django 5.1.5, cryptography v44, and other critical libraries for compatibility and security.
  • Enrollment over Secure Transport (EST) endpoint โ€“ introduced EST support as an additional enrollment method.
v0.1.0

Beta Release V0.1.0

11/2024
  • Trustpoint Stack as a web-based application โ€“ introduced the foundational Trustpoint platform accessible via web interface.
  • User-Driven Onboarding โ€“ implemented guided onboarding workflows for users to register and enroll devices or credentials.
  • Trustpoint Client โ€“ added client-side tooling for certificate enrollment and management.
  • Browser-Based Onboarding โ€“ enabled users to perform onboarding directly through a web browser.
  • Local Issuing CA โ€“ provided built-in certificate authority functionality for issuing and managing local certificates.
  • Trust Store Management โ€“ introduced management of trusted root and issuing certificates.
  • Certificate Management Protocol (CMP) Endpoint โ€“ implemented CMP endpoint for standard-based certificate enrollment.
  • Published under MIT License โ€“ made the project open source under the MIT license.