Release notes Digital Access component 6.5.2
Version: 6.5.2
Release date: 2024-02-26
Important information regarding support for ECC keys
Support for ECC keys (DA-22) was introduced in Digital Access 6.5.1, which caused a new defect in Digital Access that may prevent a successful upgrade. This defect is resolved in DA-1816 and will be included in Digital Access 6.7.0 and higher versions.
The defect can be identified in the logs, see the example log lines below:
2024-04-19 10:46:09 FATAL 1021478 "Could not create server certificate for 0.0.0.0:443"
2024-04-19 10:46:09 INFO 1330301 "Reverting to last saved configuration"
Workaround
If an upgrade needs to be done to a version >= 6.5.1 before 6.7.0, the workaround is to re-upload the encrypted private keys in PEM/Base64 format, for all Server Certificates. Make sure to have this prepared before starting the upgrade.
This release focuses mainly on performance improvements in certain parts of Digital Access.
This release includes a fix for the User certificate vulnerability reported on 13th Feb.
Minor improvements
Jira | Description |
---|---|
DA-1667 | Removed unnecessary SQL delete calls for user settings. |
DA-1668 | Reduced SQL update upon successful authentication, store user once in Authentication Service instead of twice (skip the update in Policy Service). |
DA-1689 | Removed unnecessary SQL query of fetching users in the XPI User update call. |
DA-1659 | Utilized the existing "User cache" to improve performance and reduce database (DB) CPU usage by fetching user from DB every 15 min instead of for every authentication request. To add caching to a user, do the following:
Caching should be enabled only for a user that is authenticated frequently like a delegated admin user. |
DA-1660 | When a customer updates the DA account (via XPI) and the account has no real modifications (for example, using the same phone number as before), the conditional update mechanism will detect this and skip writing to the database. |
DA-1688 | Added the system property 'com.portwise.mobiletext.sms.async.enabled' to enable asynchronous sending of SMS over the channels. Do the following:
|
DA-1728 | Added the system property 'com.nexusgroup.user.db.transaction-timeout-sec' to set a transaction timeout with the database with a default value set to 30 seconds which will make sure the services (except admin service) are not waiting for a long time on a response form the database. Customize .conf property for policy and authentication services only if the value needs to be modified. |
DA-1731 | Added the system property 'com.portwise.xpi.ws.v1.authentication.skip_adding_empty_eid_attrib' to skip adding eid attributes if they are not required at the client side. This reduces the XML which improves network performance and less marshalling of XML in PS service (less CPU). Do the following:
|
Contact information
For information regarding support, training, and other services in your area, visit http://www.nexusgroup.com/ .