On the following dates, we began releasing component updates to Apigee Edge for Public Cloud:
- Management Server: Wednesday, November 4, 2020
Help & notifications
Private Cloud customers: Is this cloud release included in your Private Cloud version? See your version's release notes to see which cloud releases it contains. Also, see About release numbering to understand how you can figure it out by comparing release numbers.
Questions or issues? Get help here.
Release notifications: Go to http://status.apigee.com and click Subscribe to Updates.
New features and updates
Following are the new features and updates in this release.
The following bugs are fixed in this release. This list is primarily for users checking to see if their support tickets have been fixed. It's not designed to provide detailed information for all users.
|Issue ID||Component Name||Description|
The management API allows duplicate aliases
Use of the
KeyStore errors are not correctly surfaced in the Edge UI
The management API for uploading keys and certs now returns descriptive error messages to help with diagnosing and fixing problems.
A developer app query returns no results
The management API to query apps for a given developer returned empty results for developers with a higher number of apps. This change fixes the behavior and returns the result set.
Two shared flow revisions were deployed in the same environment
Shared flow deployment APIs allowed two revisions of the same shared flow under certain error conditions. This fix prevents two shared flow revisions from being deployed in the same environment.
Add validation for customer uploaded truststore cert
Customer uploaded truststore certs are now validated to make sure each chain has all certs up to the root.
Revoke access token by end user ID does not seem to be effective for some end user IDs
The revoke access token by end user ID API did not work as expected if there were more than 100 tokens associated with the ID. This fix handles the case of IDs with a larger number of tokens.
Self-signed certificate is corrupt
The management server now generates self-signed certs in PEM format. The management API also validates that a supplied self-signed cert is in PEM format.
Adding two-way TLS with DER certificates
The fix is same as #112879927
The validation for duplicate virtual host aliases does not work as expected
Checks and validations have been enhanced for duplicate virtual host aliases to cover all cases.
Add missing permissions to the default devadmin role
Default role devadmin now has GET permission on /apps
Cert chain validation if present during alias creation (without root check)
Cert chain validations during upload have been enhanced. The certs have to be in order and the last cert must be a root certificate or an intermediate cert signed by a root certificate. For multiple certs in a chain, the leaf certs (actual cert) need to be on the top (first), and going down optional intermediate certs and finally towards the optional root at the bottom (last).
KVM value size limit enforcement
KVM value size limit is now enforced to 512 KB
Add validation for the keyalias in keystores
Key aliases in a keystore are now validated. If they point to a non-existing key, the API will throw an error.