The following items are new for Chef server 12.11:
## New Endpoints
- **/organizations/ORGNAME/validate/PATH** accepts a signed request
and validates it as if it had been sent to PATH. It returns 200 if the request is
authentic and 401 if it is not.
- **/organizations/ORGNAME/data-collector** forwards requests for a
data-collector service after authenticating the request using Chef
Server's standard authentication headers. To use this endpoint,
users must set both of the following options in
/etc/opscode/chef-server.rb:
```ruby
data_collector['token']
data_collector['root_url']
```
- **/organizations/ORGNAME/owners/OWNER/compliance\[/PROFILE\]**
forwards requests for compliance profiles to a user-configurable
Chef Automate server after authenticating the request using Chef
Server's standard authentication headers. To use this endpoint,
users must set both of the following options in
\`/etc/opscode/chef-server.rb\`:
```ruby
profiles['root_url']
data_collector['token']
```
## Security Updates
- The default allowed SSL ciphers now include AES256-GCM-SHA384 to
ensure compatibility with AWS's Classic ELB health check tool.
- **chef-server-ctl psql** previously revealed the postgresql password
via ps.