This release was prompted by a compatibility problem. It turns out that the Microsoft implementation of AES256CBC-SHA256 in PFX, isn't compatible with RFC 7292, which incidentally is a standard with Microsoft representatives among the authors. I can't fix Microsoft's code, but with StreamSec Tools 4.0.1.337 there are now ways to import and export PFX files with AES256CBC-SHA256 encryption, between Microsoft Windows 11 and StreamSec Tools.

There are also a couple of other compatibility fixes, primarily related to certificate management.

Remember that you can always contact me if you encounter any issues. If you have an active support agreement, your issues will be handled with priority.

When loading PFX files that might be AES256CBC-SHA256 encrypted by Microsoft software, you have to use a different class for passing the password to the ImportFromPFX method (or ExportToPFX if you wish to export to Microsoft Software). Wherever you have so far been using:

TSecretKey.CreateBMPStr(PWideChar(sWebCertPassword),Length(sWebCertPassword))

you should now instead use:

TDualSecretKey.CreateForPFX(sWebCertPassword)

If you are not concerned about compatibility with Microsoft, but prefer to comply with RFC 7292, you should continue to use TSecretKey.CreateBMPStr.