Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.


This article describes the known limitations in the released versions of Digital Access.

Expand/Collapse All

This impacts Digital Access versions 6.0.5 and above.

Background:

As per https://datatracker.ietf.org/doc/html/rfc8446#section-4.6.2, and in case of TLS1.3, the client must send post_handshake_auth extension in negotiating TLS connection with the server. 

  • Currently this is not supported by Chrome and other browsers, so user certificate authentication method will not work if TLS1.3 is enabled.

Workaround:

  • Disable TLS1.3 and use TLS1.2 instead.

This issue is only present on the VMware platform, and not on other virtualization platforms, to our knowledge.

Background:

If you use the network card VMXNET3, there may be an issue with the docker swarm overlay network. The issue is that the swarm containers can ping each other (ICMP protocol), but TCP and UDP fail.

Solution:

Change the network card for all involved servers to E1000. This is done in the VMware configuration of the guest virtual machine.

See also Deploy Digital Access component on Docker.