Nexus Documentation

Space shortcuts

Page tree

CURL vulnerability information (CVE-2023-38545)
Nexus awareness advisory on Microsoft's update KB5014754

Visit Nexus to get an overview of Nexus' solutions, read customer cases, access the latest news, and more.

This article describes how to upgrade Smart ID Identity Manager from 22.04 to 22.10.

These instructions only apply if you have kept the docker-compose.yml from the previous release. If you install a new docker configuration, you do not have to care about this, since this is part of the latest docker-compose files on the download portal.

Prerequisites

Step-by-step instruction

  1. Add two entries in the signencrypt.xml file in docker\compose\identitymanager\config\
    1. A ContentProviderJWSSigner descriptor. 
    2. A contentProviderJWSSignerCert key.

  2. If you upgrade and want to keep your existing signencrypt.xml file, add the entries mentioned above as follows:

    Example: signencrypt.xml
    <?xml version="1.0" encoding="UTF-8"?>
<engineSignEncrypt>
    <descriptors>
...
        <descriptor name="ContentProviderJWSSigner" version="1">
            <type algorithm="RSA" size="2048" result="" key="contentProviderJWSSignerCert" />
        </descriptor>
    </descriptors>
    <keys>
        <key name="contentProviderJWSSignerCert">
            <type name="pkcs12" locationValue="classpath:sign.p12" pin="1234"/>
        </key>
...
    </keys>
</engineSignEncrypt>

Make sure to replace content-specific parameters like certificate and password accordingly when adding the entries in signencrypt.xml

The signencrypt.xml included in the Smart ID 22.10 release contains these values already and can be copied to your existing signencrypt.xml (or used as a reference).

Scheduled jobs now have two types:

  • BATCH_SYNC (legacy)
  • TIMED_PROCESS (new)

Existing scheduled jobs will use BATCH_SYNC. New scheduled jobs will use TIMED_PROCESS, which represents the execution of a process based on a cron expression.

A database update is required for this new scheduled jobs type to work. Follow the steps in "Update database" in Upgrade Smart ID to update the database.

This change is also reflected in the left panel of Identity Manager Admin. You will find a new selector "Scheduled Jobs" instead of "Batch Synchronizations".

For a consistent renaming, change the following two properties in docker-compose.yml in your existing deployments:

  1. Rename batchSync.monitorInterval to scheduledJob.monitorInterval
  2. Rename batchSync.permissionRole to scheduledJob.permissionRole 

Copyright 2023 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions