Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

SR-119800 · Issue 177840

Security policy transaction mismatch error resolved

Resolved in Pega Version 7.1.8

If security policies are enabled, logging out and then logging in prompts a password change. If the password was changed and then the page was refreshed, a transaction mismatch error occurred. This was caused by incomplete clearing of the password setting transaction, and the system has been updated to properly switch transactions.

SR-123636 · Issue 184161

Trojan horse protection auto-enabled

Resolved in Pega Version 7.1.8

The authentication/trojanhorseprotection previously defaulted to NEVER, creating a security vulnerability. The trojanhorseprotection setting now defaults to external.

SR-123636 · Issue 181701

Trojan horse protection auto-enabled

Resolved in Pega Version 7.1.8

The authentication/trojanhorseprotection previously defaulted to NEVER, creating a security vulnerability. The trojanhorseprotection setting now defaults to external.

SR-124473 · Issue 186179

Added handling for unauthenticated asynchronous SOAP service

Resolved in Pega Version 7.1.8

After implementing changes to work around an error with SOAP authentication, the unauthenticated asynchronous SOAP service generated an error and failed to complete. This was due to the changes to the authentication process omitting the asynchronous mode case when a SOAP service that intended to not use authentication ends up calling a sub-activity that requires authentication. This use case is now covered.

SR-126719 · Issue 177348

Added fallback keyinfo handling

Resolved in Pega Version 7.1.8

When a SAML assertion response is received in the authentication activity, an error indicated the KeyInfo was missing in the signature. This was caused by a lack of redundancy in the keyinfo handling that caused an exception when keyinfo was not included in the SAML response. Support has now been added to check the certificate in the truststore where the certificate from IDP metadata would have been imported, and there is an added null check in the debug logs.

SR-126719 · Issue 178793

Added fallback keyinfo handling

Resolved in Pega Version 7.1.8

When a SAML assertion response is received in the authentication activity, an error indicated the KeyInfo was missing in the signature. This was caused by a lack of redundancy in the keyinfo handling that caused an exception when keyinfo was not included in the SAML response. Support has now been added to check the certificate in the truststore where the certificate from IDP metadata would have been imported, and there is an added null check in the debug logs.

SR-128463 · Issue 193907

Create KeyRing updated for split schema

Resolved in Pega Version 7.1.8

If a command line script is configured (viz. keyringGen.sh) to encrypt user passwords for prconfig.xml databases using Keyring utility, a prconfig.xml could have three database entries but the keyring tool only prompted for two databases and did not allow encrypting password for the user for the third database. The prconfig.xml file requires very specific location information to run: to resolve this, the variables to hold schema name in case of split schema configuration have been added.

INC-150317 · Issue 625883

Certificate updates handled across nodes

Resolved in Pega Version 8.5.3

An SSL handshake exception was occurring when running a Connect-REST call automatically from the flow as a background process on a background processing node. The same Connect-REST worked fine when run manually. The exception detailed the issue as "SSLHandshakeException: java.security.cert.CertificateException: None of the TrustManagers allowed for trust of the SSL certificate(s) provided by the remote server to which this client attempted a connection." This was traced to a pulse change scenario where the reloading of the certificates was not happening on all the nodes after adding a new certificate or deleting a certificate. This has ben resolved by adding the DATA-ADMIN-SECURITY-CERTIFICATE class into the UpdatesCacheUtils.java class.

INC-153957 · Issue 615290

Cache key handling updated for OAuth2 Connect-REST

Resolved in Pega Version 8.5.3

After upgrade, a Connect-REST using OAuth2 credentials was failing with HTTP response code 403 when the Connect-REST was invoked by the agent, but the Connect-REST was successfully invoked from web node with the same Auth profile. OAuth2 tokens are stored in the cache and database. In this specific environment the key formation was happening differently on the utility node for batch processes, causing different keys to be formed for the same token. This has been resolved by adding a provider filter and updating the cache key.

INC-154311 · Issue 615684

Decryption updated for External assignment routed with DWA

Resolved in Pega Version 8.5.3

When an external assignment was routed to a user using DWA, the user was able to access the assignment but received the error "There has been an issue; please consult your system administrator" when submitting. Investigation showed this was caused by the system attempting to decrypt the External assignment with the requestor level key, causing the decryption to fail with a NumberFormatException. To resolve this, the system will check if the obfuscated string starts with Global encryption key prefix and then decrypt with the global encryption key by trimming out the prefix.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us