What's new

This document describes new and enhanced features for Conjur Secrets Manager Enterprise (Conjur Enterprise) version 12.9.

For release notes, see Release Notes.

Custom-named Conjur certificate

We now support using custom-named certificates when deploying the Conjur Follower inside Kubernetes. This enables you to use a certificate whose name is not aligned with the default <hostname>.<namespace>.svc.cluster.local format.

For more information, see Deploy the Follower.

Enhanced security when logging in to the Conjur UI using the OIDC Authenticator - Early availability

We have enhanced the security and product experience by enabling organizations to configure the required Conjur access token's Time-to-Live (TTL) to align with their organizational security policies.

In addition, we have added the use of Proof Key for Code Exchange (PKCE), a recommended application flow that provides a modern solution for protecting Single Page Apps (SPAs).

For more information, see OIDC Authenticator for Conjur UI and Conjur CLI authentication.

Login to Conjur CLI using OIDC authentication - Early availability

We have enhanced the security and product experience by enabling organizations that require single sign-on (SSO) and MFA as part of their organizational security policies to log in to Conjur Enterprise's CLI using their already existing identity provider (IdP) implementation.

For more information, see OIDC Authenticator for Conjur UI and Conjur CLI authentication.

Docker-based Conjur CLI deprecation

The Docker-based Conjur CLI will be deprecated 6 months from now. We strongly recommend that you migrate to our new Conjur CLI which is already supported and available for use. For details, see Conjur CLI.

FIPS compliance

The following Conjur Enterprise components are FIPS-compliant:

• Conjur Enterprise

• CyberArk Vault Synchronizer

• Kubernetes Authenticator Client

Support for Podman 4.2 and OpenShift 4.11

All Conjur Enterprise v12.9 components and configurations can run on Podman 4.2 and in OpenShift v4.11.