Identity Manager release note 23.10.6

CRED-12713

It is now possible to delete orphaned keys from a card using encoding label filters. See Certificates and keys in Identity Manager for more information.

CRED-13886

In the Smart ID IDM docker containers, the base image has been upgraded to Ubuntu 22.04 (jammy). This requires docker to be updated to 20.10.17 or later versions.

CRED-16380

In Identity Manager Self-Service, the processes that appear on the dashboard are now explicitly defined. For more information, see Configure tasks (processes) in Smart ID Self-Service and Upgrade Smart ID Identity Manager from 23.10.5 to 23.10.6.

CRED-17031

It is now possible to write multiple authentication certificates to a VSC. For more information, see Smart ID Messaging - Standard service tasks in Identity Manager.

CRED-17161

There was an issue that a CoreObjectDescriptorList used on a form would sometimes not be shown but cause an exception. This has been fixed.

CRED-17177

Content Security Policy headers for all Identity Manager applications have been improved.

CRED-17440

The interface between Identity Manager and GO Cards has been extended to use an idempotency key. This can be set in the process for better error handling or generated automatically. See Set up process in Identity Manager for more information.

CRED-17538

Traefik and postgres versions that are delivered with the Smart ID docker package are updated. The Traefik upgrade requires the use of Hermod 3.8.0 or later versions. See Upgrade Smart ID Identity Manager from 23.10.5 to 23.10.6 for more information.

CRED-17539

Added system property restrict the Process Tracker output to specific task types. See Enable Process Tracker in Smart ID Identity Manager for more information.

CRED-17592

Security Update for Postgres JDBC driver.

CRED-17658

The process tracker now also logs the DB Session ID.

CRED-17715

This Smart ID release comes with extended logging for PGP actions.

CRED-17726

Card operations can now be used in batch orders if only one button is configured on the form.

CRED-17736

When writing object history, the lock mechanisms have been changed in order to allow easier resolution of database conflicts.

CRED-17762

On a card with several certificates and keys, deletion of keys and certificates is much faster than before.

CRED-17833

When verifying the Chained Signature of the Object History, the chains will be checked in the same order on each run.

CRED-17836

An index is added to improve performance of the validation of the Chained Signature of the Object History.

CRED-17842

When verifying the Chained Signature of the Object History, the chain names will be logged in the same order each time.

CRED-17862

The REST service for verifying the object history can now be limited to checking just certain chains via one or more chainName=... query parameters. The full history is checked by default if no chainName parameter is given. Invalid chainName values will result in a 400 BAD REQUEST response.

Similarly, the batch_re-sign_history tool can be configured to check the target chain only instead of the full history after successful re-signing (by setting both checkResult=true and checkTargetChainOnly=true in general.properties).

CRED-17874

In Identity Manager Operator, in the object history view, the task name is now displayed in addition to the process name.

CRED-17910

You can now configure the display of Open Tasks on the Self-Service dashboard. For more information, see Configure display of open tasks in Smart ID Self-Service.

CRED-17934

In search configurations when searching over multiple levels, restricting the maximum number of results would in some cases not help to prevent waiting time for the user. With this release, a restriction on the first level has been introduced.

CRED-17986

In Identity Manager Operator, columns in tables that contain dates or datetime can now be sorted correctly in search configurations.

CRED-16887

In Identity Manager Admin, report files could not be uploaded. This has been fixed.

CRED-16937

In Identity Manager Admin, when working with a Card SDK layout, the editor would not open when pressing the edit button. This has been fixed.

CRED-17205

There was an issue with the precondition validator that executes scripts: the dataset of the selected object in a search was missing. This has been fixed. For more information, see .

CRED-17484

In Smart ID Self-Service, the menu highlighting did not move correctly when moving to a menu item that just displays a single object instead of a list. This has been fixed.

CRED-17640

There was an issue with card encodings with Smart ID Desktop App with Secure Key injection. When the same encoding contained change PIN and SKI key archival/recovery, it failed. This has been fixed in Identity Manager 23.04.18 and Smart ID Desktop App 1.13.5.1.

For more information, see .

CRED-17649

In Smart ID Self-Service, when downloading a file from a form there was an error that the filename-pattern expression was not resolved. This has been fixed.

CRED-17680

There was an issue that the signature slot on Gemalto cards could not be detected with card readers with long names. This has been fixed.

CRED-17750

There was an issue where the message indicating that the process ended successfully was not shown when the process ended in asynchronous tasks. This has been fixed.

CRED-17831

In Smart ID IDM Admin, when exporting a config with an HTTP client with several endpoints and importing that config again, the connection between client and endpoint was lost. This has been fixed.

CRED-17832

There was an error in the duration time logging when verifying the Chained Signature of the Object History. This has been fixed.

CRED-17863

In Smart ID Self-Service, a number field containing a zero was shown as empty. This has been fixed.

CRED-18101

Updating certificate state from CRLs would sometimes not find certain certificates due to upper lower case differences in the serial number. This has been fixed.