You're viewing Apigee Edge documentation.
Go to the
Apigee X documentation. info
On July 29, 2021, we released version 4.51.00 of the Edge for Private Cloud Feature Release.
Release summary
The following table summarizes the changes in this release:
New Features | This release includes the following new features: ○ A new pop-up window warns you of end of life (EOL) dates○ Option to log out users when their passwords are changed ○ Set TLS version for SMTP ○ Added an enhanced pg-data-purge script to optionally
purge data from parent fact tables○ Added sosreport, a new system level diagnostic and data collection tool. For more information about each of these new features, see New features. |
|
Backward Compatibility | The following issues affecting backward compatibility were introduced in this version of Apigee Edge for Private Cloud:
|
|
Included Releases | Since the previous Edge for Private Cloud Feature Release, the following releases have occurred and are included in this release:
|
|
Retirements | None | |
Deprecations | With the release of 4.51.00:
For more detailed information about the deprecations including removal timelines, see Apigee deprecations and retirements. |
|
Known Issues | This release includes the following known issues: For more information about each of these known issues, including workarounds, see Known issues. |
|
Upgrade paths
For instructions on upgrading to Edge for Private Cloud 4.51.00, see Update Apigee Edge 4.19.06 or 4.50.00 to 4.51.00.
New features
This section lists new features in this release. Additionally, this release includes all features in the Edge UI, Edge Management, and Portal releases listed in Included Releases.
In addition to the following enhancements, this release also contains multiple usability, performance, security, and stability enhancements.
A new pop-up window warns you of end of life (EOL) dates for Edge for Private Cloud
Edge for Private Cloud customers will start seeing warning messages displayed six month prior to the installed version's EOL date. The EOL message will be shown once per browser session: if you close the tab or browser, the session will be lost. If you then re-open Apigee in a browser, the message will be displayed again.
New option to log out users when their passwords are changed
A new flag was added to apigee.feature.clearSessionOnPasswordUpdate
, which lets
you configure whether users are logged out after you change their password.
The default is that users are not logged off.
New flag to set TLS version for SMTP
A new flag has been added to mail.smtp.ssl.protocols
, which specifies the SSL protocol
that are enabled for SMTP connections. This feature lets you configure SSL protocols based on
your security requirements.
You can set this flag by adding the following entry to the properties file,
/opt/apigee/customer/application/ui.properties
:
conf_apigee.mail.smtp.ssl.protocols=ssl-protocol
Possible values for ssl-protocol are SSLv2Hello
,
SSLv3
, TLSv1
, TLSv1.1
, and TLSv1.2
.
New diagnostic tool, sosreport
Added Sosreport, a new system level diagnostic and data collection tool.
Added support for new software versions
Apigee has added support for the following software versions:
- Postgres version 10.17
- Nginx version 1.20.1
- TLS 1.3 Northbound support
Configure forward proxy.
The following flags have been added, which let you configure a forward proxy:
http.proxyHost
http.proxyPort
http.proxyUser
http.proxyPassword
By default the values of the flags are empty.
Enhanced pg-data-purge script to purge parent fact tables from analytics
To run the script, enter the following command:
/opt/apigee/apigee-service/bin/apigee-service apigee-postgresql pg-data-purge org_name env_name number_of_days_to_retain [Delete-from-parent-fact - N/Y] [Confirm-delete-from-parent-fact - N/Y]
The script has the following options:
Delete-from-parent-fact
Default : No. Will also delete data older than retention days from parent fact table.skip-prompt
. Default: No. If No, the script will prompt for confirmation before deleting data from parent fact. Set to Yes if the purge script is automated.
Option to change the user label in the login page
A new flag, apigee.feature.customLoginUserLabel
allows you to configure the user label
in the login page based on their preference. The default is Email address.
Supported software
This release includes the following changes to supported software:
Support Added | No Longer Supported |
---|---|
This release supports the following software versions:
|
The following software versions are no longer supported with this release:
|
For a complete list of supported platforms, see Supported software and supported versions.
Bug fixes
This section lists the Private Cloud bugs that were fixed in this release. Additionally, this release includes all bug fixes in the Edge UI, Edge Management, and Portal releases shown in Included Releases.
Issue ID | Description |
---|---|
112262604 |
Mint Management Server needs to be updated when Postgres failover is performed An enhanced script was created to change Postgres connection details for Mint Management Server. See Handling a PostgreSQL database failover. |
150844280 |
Without an internet connection, Apigee SSO tried to download an external font library during login. The Google Sans font for headers, which doesn't have an open source license, has been replaced with the Noto Sans font. |
161351690 |
The HMAC policy did not appear in the policy chooser. The policy is now displayed in the policy chooser. |
168149141 |
Monetization installation was failing on the second management server. Some potential issues due to a race condition during installation of Mint Management Server have been fixed. |
170089960 |
Unable to change the user label in the login page A new flag has been added toapigee.feature.customLoginUserLabel .
With this flag, you can configure the user label in the login page.
The default is the existing label, i.e., Email Address..
|
170791446 |
In the Developers UI, a forbidden character in the developer's email address prevented editing the developer's details. This has been fixed. |
173657467 |
Management Server wasn't coming up if Cassandra nodes in other data centers were down. The enable Cassandra authentication script has been enhanced to prevent this problem. |
175638733 |
AWS Linux 1 is being deprecated Support has been added for AWS Linux 2. |
175942835 |
GET requests to dailysummaryreports were being allowed without CSRF protection This has been fixed |
178305317 |
Consul connect client was not using all the available Consul servers for automatic failover This has been fixed |
180207712 |
Customers weren't able to add new Cassandra nodes due to incorrect CASS_HOSTS property is provided.
|
186503861 |
ServiceCallout policy was incorrectly splitting the header values when the |
182456858 |
Management server was not always connecting to the local region's Postgress server. The Management server's Postgres selection algorithm has been optimized so that it connects to a Postgres node in local region |
182857918 |
Log messages when Message Processor reaches its connection limit have been improved. This simplifies troubleshooting. |
183147699 |
Customer dc-4 expansion failed due to custom region name. A new property,REGION_MAPPING , lets you assign your custom region names to
standard region names (dc-1, dc2, and so on).
See Edge Configuration
File Reference.
|
185285557 |
Added an optional feature to make developer emails case insensitive. This feature is turned off by default, so developer emails continue to be case sensitive (the current behavior). |
189743303 |
Analytics API with filter to exclude API proxies was returning an error. An issue with parsing filters during execution of custom reports has been fixed. |
171240470 |
Management update was failing when Cassandra JMX Authentication or SSL was enabled Added feature to provide Cassandra JMX authentication and SSL configurations when running setup or update on Management server. |
168560804 |
When creating a shared flow in the Edge UI, the UI was returning a 403 error for insufficient permissions. Fixed an undefined value that was being passed to the API. |
171985727 |
Made improvements in JMX configurations of Cassandra so configurations follow other Apigee configuration standards and changes are not overridden during Cassandra upgrade. |
188526117 |
An IP command was not prefixed with the absolute path. The absolute path is now included in the command. |
123015330 |
Misformatted numbers within a component's .properties file were causing the component to fail to start This has been fixed. |
161934168 |
PostgreSQL PassTheHash protocol design vulnerability, by PostgreSQL to Postgres v10.17 This has been fixed. |
185115206 |
Made enhancements to improve performance of analytics queries on Management Server |
193870176 |
Added a Router level configuration to disable Virtual Host listen options on standard ports 80 & 443. |
197331224 |
Get org would return a 403-unauthorized error instead of 404-not found if org is not present. |
184573211 |
Java Management Extensions (JMX) is no longer enabled by default for the Apigee SSO module. |
Security issues fixed
The following is a list of known security issues that have been fixed in this release. To avoid these issues, install the latest version of Edge Private Cloud.
Issue ID | Description |
---|---|
CVE-2018-16131 | Vulnerability: [Denial of Service (DoS)] found in for project: unified-experience/navbar (SNYK-JAVA-COMTYPESAFEAKKA-32493). This has been fixed. |
CVE-2020-7676 | Cross-Site Scripting (XSS) vulnerability in jQuery. A vulnerability in jQuery which reported cross-site scripting (XSS) was fixed. |
CVE-2016-5388 | Vulnerability in Tomcat servlet. Existing Tomcat servlet 8.0.53 had a security vulnerability. Upgrading Tomcat servlet to 8.5.34 fixed this vulnerability. |
Known issues
The following table lists known issues in this release:
Issue ID | Description |
---|---|
194249507 |
As a workaround, install |
See Known issues with Edge for Private Cloud for a complete list of known issues.
Next step
To get started with Edge for Private Cloud 4.51.00, use the following links:
New installations:
Existing installations