Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Upgrade Smart ID Identity Manager from 22.04 to 22.10

Owned by Ann Base (Deactivated)
Last updated: Feb 26, 2024 by Ylva AnderssonVersion comment
2 min read

This article describes how to upgrade Smart ID Identity Manager from 22.04 to 22.10.

These instructions only apply if you have kept the docker-compose.yml from the previous release. If you install a new docker configuration, you do not have to care about this, since this is part of the latest docker-compose files on the download portal.

Prerequisites

Step-by-step instruction

Add entries in signencrypt.xml

  1. Add two entries in the signencrypt.xml file in docker\compose\identitymanager\config\

    1. A ContentProviderJWSSigner descriptor. 

    2. A contentProviderJWSSignerCert key.

  2. If you upgrade and want to keep your existing signencrypt.xml file, add the entries mentioned above as follows:

    Example: signencrypt.xml

    <?xml version="1.0" encoding="UTF-8"?> <engineSignEncrypt> <descriptors> ... <descriptor name="ContentProviderJWSSigner" version="1"> <type algorithm="RSA" size="2048" result="" key="contentProviderJWSSignerCert" /> </descriptor> </descriptors> <keys> <key name="contentProviderJWSSignerCert"> <type name="pkcs12" locationValue="classpath:sign.p12" pin="1234"/> </key> ... </keys> </engineSignEncrypt>

Make sure to replace content-specific parameters like certificate and password accordingly when adding the entries in signencrypt.xml. 

The signencrypt.xml included in the Smart ID 22.10 release contains these values already and can be copied to your existing signencrypt.xml (or used as a reference).

Change system properties

Scheduled jobs now have two types:

  • BATCH_SYNC (legacy)

  • TIMED_PROCESS (new)

Existing scheduled jobs will use BATCH_SYNC. New scheduled jobs will use TIMED_PROCESS, which represents the execution of a process based on a cron expression.

This change is also reflected in the left panel of Identity Manager Admin. You will find a new selector "Scheduled Jobs" instead of "Batch Synchronizations".

For a consistent renaming, change the following two properties in docker-compose.yml in your existing deployments:

  1. Rename batchSync.monitorInterval to scheduledJob.monitorInterval

  2. Rename batchSync.permissionRole to scheduledJob.permissionRole 

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions