v1.5.2
π§ Improvement
This release improves the rate limiting implementation by using the certificate's decimal serial number instead of the SHA1 fingerprint.
π What Changed
- Renamed method: β
- New identifier: Now uses the certificate's decimal serial number for rate limit tracking
- Updated template: Changes preserved in OpenAPI generator template for future regenerations
π Impact
The certificate serial number is a more standard and appropriate identifier for X.509 certificates compared to the SHA1 fingerprint. This change provides:
- More reliable certificate identification
- Standard X.509 certificate attribute usage
- Consistent with certificate management best practices
β οΈ Migration Notes
If you have stored rate limit state from v1.5.1:
- The stored data will be reset because the client identifier has changed
- This is expected behavior and does not cause any issues
- Rate limits will be tracked correctly going forward with the new serial number identifier
π Related
- Previous fix in v1.5.1 switched from X-IBM-Client-Id to certificate-based identification
- This release further refines that implementation to use serial numbers