| Info |
|---|
This article is valid for Smart ID 24.R1 and later. |
...
Encryption and decryption of fields in the Identity Manager database (descriptor “encryptedFields“: encryptedFields)
Signing and verification of the object history (descriptor “objectHistorySigner“: objectHistorySigner)
Signing and validation of the configuration files (descriptor “configZipSigner“: configZipSigner)
Encryption of the configuration files (descriptor “configZipEncrypter“: configZipEncrypter)
Signing of emails (descriptor “signEmailDescriptor“: signEmailDescriptor)
Creation of JWS signatures used for Smart ID messaging content provider API (descriptor “ContentProviderJWSSigner“: ContentProviderJWSSigner)
Authentication of Smart ID Self-Service users to the Identity Manager backend (descriptor “SelfServiceJWTSigner“: SelfServiceJWTSigner)
Decryption of PIN blobs from pre-personalized smart-cards created with the Personal Desktop Client (arbitrarily named descriptors)
Attestation for provisioning to Smart ID Mobile / Desktop Apps (descriptors “att: att_*“)
| Note |
|---|
Different set of JAR files for Identity Manager in Smart ID 21.10 and later Certificate Manager SDK 8.4 and later (as used in IDM 21.10 and later) has a different set of JAR files compared to previous versions: cmcommon-x.y.z.jar => renamed to cm-common-x.y.z.jar See also the section "Configure Tomcat" below. |
...
To avoid this, you have these options:
Deploy each Identity Manager webapp on its own dedicated Tomcat instance (Docker deployments always work like this).
OR
Remove all CMSDK JARs and all BouncyCastle JARs from all webapps' tomcat\<webapp>\WEB-INF\lib folders and place them in tomcat\libs instead (this ensures those JARs are served from the Tomcat common classloader for all webapps).
CMSDK JARs:
cmcommon*.jar
cmsdk-*.jar
common-*.jar
BouncyCastle JARs:
bcmail-*.jar
bcpgp-*.jar
bcpkix-*.jar
bcprov-*.jar (including bcprov-ext-*.jar)
Additional information
| Expand | ||
|---|---|---|
| ||