Release Notes Redtrust 4.33.0
11/28/2025
New features
| Description | Requires agent update? |
|---|---|
Added the option to download the public part of a certificate in .pub (SSH) format. | 🔹 |
Improvements to existing features
| Description | Requires agent update? |
|---|---|
| Usability improvements in the agent: double-clicking the system tray icon opens the certificate list, allowing easier changes to the preselection. | ✅ |
| Log configuration is unified into a single flag for all agent components. | ✅ |
| The agent installer is updated to improve the management of system prerequisites. | ✅ |
| Mapped sites are now included when exporting applications in CSV format. | 🔹 |
| Added new log levels to support different levels of detail as needed. | 🔹 |
| Improvements to reduce certificate loading times when an active preselection is available. | ✅ |
Bug fixes
| Description | Requires agent update? |
|---|---|
| Fixed an issue in the administration console text. | 🔹 |
| Fixes in the internal management of TSA server data. | 🔹 |
| Fixed errors in alert editing. | 🔹 |
| Fixed an issue that affected the available actions for SAML domains in the domains list. | 🔹 |
| Fixed group management in CSR generation in the RA API, which now allows selecting group subsets. | 🔹 |
| Fixes in the certificate retrieval call in the macOS agent. | 🔹 |
| Fixes in error return messages. | 🔹 |
| Fixes in OAuth user information when loading the user list from a domain’s details. | 🔹 |
| Fixed issues in the user PIN functionality. | 🔹 |
| Fixes in the PKCS11 module. | ✅ |
| Fixed an issue that showed incorrect details in the PIN/Reason for use window. | ✅ |
| Fixed an issue where the certificate holder’s email was added to the certificate expiration alert configuration, even when that option was not enabled. | 🔹 |
| Fixed an issue where the agent requested creating the user PIN even when it already existed for Active Directory users. | 🔹 |
| Fixed an issue in Signtrust that triggered a PIN request for personal certificates even when no PIN was configured. | 🔹 |
Removed features
| Description | Requires agent update? |
|---|---|
| The Redtrust server is no longer compatible with agents older than the LTS version (3.74.15). | 🔹 |
| The FNMT renewal and revocation operations are removed. | 🔹 |
Known issues
The standard procedure no longer allows downgrading to earlier versions due to internal changes. Before applying the update, create a snapshot of the machine state and perform a backup using the administration console. Download the package and apply the OpenRDPv2.bin file to ensure emergency access if needed. After the server update, complete the process using the second package included in the ZIP file.