Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.


As stated on Nexus DOC it is highly recommended to upgrade Digital Access to version 6.1.1 or later. If this is not possible, an option is presented in this article on how to patch the Digital Access images directly.

Internet access is required when fetching the Alpine image used for the tar operation. If your network is air-gapped, please contact Nexus support on how to prepare the Alpine image and how to manually upload it to the environment running the Digital Access images.


Expand/Collapse All

Prerequisites

It is recommended to patch all Java based Digital Access services:

  • Policy service
  • Authentication service
  • Distribution service

If you encounter problems using this patch procedure, please contact Nexus support.

Step-by-step instruction

  1. Download the file Dockerfile-patch-log4j from the Support Download portal.
  2. Place the docker file on the server running the old versions of Nexus images.

This is the syntax of the docker build command. Before you run the command, update REPLACE1 and REPLACE2, see an example in step 1 below:

docker build command syntax
docker build \

  --file ./Dockerfile-patch-log4j \
  --tag log4j-patch/REPLACE1 \
  --build-arg SRC_IMAGE=REPLACE2
  1. Run the docker build command.

    Example: docker build command
    docker build \  
    
    --file ./Dockerfile-patch-log4j \  
    --tag log4j-patch/policy-service:6.0.7.73936 \  
    --build-arg SRC_IMAGE=nexusimages.azurecr.io/smartid-digitalaccess/policy-service:6.0.7.73936
  2. Backup the docker-compose.yml file and then change the image to, for example:
    log4j-patch/policy-service:6.0.7.73936

Restart the containers:

// In case of docker-swarm
docker stack rm da                      //where da is the deployment stack name
bash /opt/nexus/scripts/start-all.sh    // to start the services

// Other setups
docker-compose down
docker-compose up -d

If something goes wrong, revert by doing:

  1. Restore original image in the docker-compose.yml file and restart the containers.
  1. Remove local image when no longer needed. The container must first be stopped and then removed:

    docker image rm [IMAGE ID]