Skip to main content
Skip table of contents

Identity Manager release note 23.04.11

Release date: 2023-11-24


Jira ticket noDescription

Options have been added for smart card initialization with Nexus Personal Desktop Client. For more information, see Encodings using Personal Desktop Client middleware in Identity Manager


Besides writing certificates and keys, the Pkcs#11 interfaces also allow to write arbitrary data objects on the smart card. This is now supported by Smart ID Identity Manager with different middleware. This is not supported with Nexus Personal Desktop Client. 

For more information, see Write data objects to smart cards


The sort order of card applications (encodings) was not deterministic when exporting/importing the configuration. Now a sort column has been added. When saving or importing a card template, the correct sort order will be persisted and used by Card production. For more information, see Upgrade Smart ID Identity Manager from 23.04.10 to 23.04.11.


The performance of the history signature chain verification has been improved by enabling the verification in multiple threads. A new parameter "commonHistoryService.SignatureVerifyThreads" has been added for this. See List of Identity Manager system properties for more information.

CRED-16290When exporting search results, translations now also include meta-fields like status and boolean fields and use the date-format of the user's locale.

When using Idopte Middleware, it is now possible to have the PIN of the card entered and checked before certificates are renewed in addition to identify with the adminkey.


The D-Trust Certificate Service Manager API was based on SOAP but is now in the process of being replaced by a RESTful API. Smart ID Identity Manager now offers the option to use both, enabling customers to switch from one to the other.

For more information, see Integrate Identity Manager with D-Trust connector.


The attestation key generation tool has been improved to make it easier to use. The documentation has also been updated, see Sign and encrypt engine in Identity Manager


When pushing a CRL from Certificate Manager to Identity Manager, a response is now sent to Certificate Manager after the full list has been received and the signature verified. It is not waiting for Identity Manager to process the entire list.

Corrected bugs 

Jira ticket noDescription

 There was an issue with wrong dates when creating .ics files. This has been fixed.


The name of the default attestation key has been changed in the respective Messaging Service tasks. 

For more information, see Sign and encrypt engine in Identity Manager.


There was an issue where messages from Scheduled Jobs were logged to idm_rf.log instead of idm_synch.log with the delivered log4j configuration file. This has been fixed.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.