Login
    Contents x
    Version 5.9 (August 2024)
    • 27 Sep 2024
    • 3 Minutes to read
    • Dark
      Light
    • PDF
    Contents

    Version 5.9 (August 2024)

    • Updated on 27 Sep 2024
    • 3 Minutes to read
    • Dark
      Light
    • PDF
    Article summary

    DIGIPASS Gateway 5.9 (August 2024)

    New features and enhancements

    Notification priority can now be set

    You can now set a notification priority when sending a notification. High priority notifications can be received without delay and wake up the screen, even if the target device is in Do Not Disturb or a sleep mode.

    The sendNotification [v2] service now accepts an optional isHighPriority parameter to set the notification priority. If omitted, isHighPriority is set to true by default.

    Upgrade path

    DIGIPASS Gateway supports direct upgrades from version 5.7 or 5.8 to version 5.9 on the supported operating systems.

    Supported platforms, data management systems, and other third-party products

    Software libraries

    The software library lists are not exhaustive, but include the most notable and critical updates only. For a complete overview, refer to the third-party dependency files included with the installed product.

    DIGIPASS Gateway now includes the following (updated) third-party libraries:

    • Apache Commons Lang 3.14

    • Apache Commons Text 1.11

    • Spring Security Web 5.8.12

      This version of Spring Security Web fixes a critical security vulnerability (CVE-2023-34034).

    Web servers

    DIGIPASS Gateway can now be run on these web application servers (based on the respective JRE):

    • Apache Tomcat 9.0–9.0.90 (included)

      This version of Apache Tomcat fixes a couple of critical security vulnerabilities, including CVE-2024-34750.

      • Oracle Server Java Runtime Environment 11

      • Azul Zulu 11 (included)

    Deprecated components and features, architectural changes

    GCM/FCM server key string authorization (Deprecated)

    Sending push notifications via Google Cloud Messaging (GCM) or legacy Firebase Cloud Messaging (FCM) APIs was deprecated by Google on June 20, 2023, and will be removed from the Google services in June 2024!

    Do not use DIGIPASS Gateway with server key string authorization to Google messaging services for new deployments and migrate to use the current Firebase service account key file authorization at your earliest convenience! For more information, refer to the DIGIPASS Gateway Getting Started Guide, Section "Configure push notification web services".

    The possibility to configure DIGIPASS Gateway to use a server key string to authorize to GCM/FCM (via the admintool push-notification android-legacy command) will be completely removed in a future release of DIGIPASS Gateway.

    PDF documentation (Deprecated)

    You can view the user documentation of most OneSpan products online already at https://docs.onespan.com/docs, and we plan to shift exclusively to online documentation.

    This means that PDF documentation will be completely removed in future major releases of DIGIPASS Gateway (currently planned for 5.10).

    Known issues

    Issue OAS-7063 (Support case CS0049841): FQDN cannot start with number

    Description: DIGIPASS Gateway cannot be installed if the fully qualified domain name (FQDN) of the server starts with a number, e.g. 001234-MYHOST. In that case, the setup will issue an error when it attempts to generate a self-signed certificate for the Apache Tomcat web server.

    Status: No fix available. To circumvent this issue ensure that the FQDN meets the naming requirements before you install DIGIPASS Gateway.

    Issue OAS-4908 (Support case CS0024103): Certificate must contain IP address when using FQDN

    Description: If you use the FQDN to connect to the OneSpan Authentication Server instance, the respective server certificate for SOAP connections must specify the IP address of the OneSpan Authentication Server instance either as common name (CN) or the subject alternative name (SAN).

    Otherwise, this can cause a "No subject alternative name matching IP address" error message during the setup, indicating that DIGIPASS Gateway verifies the SAN in the OneSpan Authentication Server certificate but does not find any matching IP address.

    Status: No fix available. The OneSpan Authentication Server IP address must be set either as common name (CN) or the subject alternative name (SAN) in the certificate.

    For more information, see KB0014260.

    SSL certificate selection from network repository

    Description: With the current version of the DIGIPASS Gateway installer, it is not possible to select the OneSpan Authentication Server SOAP certificate if it is located on a network drive.

    Status: No fix available. To circumvent this issue the certificate must first be copied locally before being selected when installing DIGIPASS Gateway.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, our interactive help assistant