Published Release Notes

Platform truststore for validating certificates

Pega Platform™ now includes a platform truststore, to which you can import X.509 certificates that are common across platform applications. When a certificate needs to be validated, Pega Platform looks for the certificate at the connector level, then in the platform truststore, and finally in the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.

For more information, see Importing an X.509 certificate.

Encrypt sensitive case data by using a secure default Pega Platform cipher and AWS KMS keys

You can encrypt sensitive data within your application without having to write custom cipher classes. You can configure encryption on the Data Encryption landing page by using your own keys managed in your private Amazon Web Services Key Management Service (AWS KMS) instance. Pega^® Platform encryption uses keys that are stored in AWS KMS to support both time-based and on-demand key rotation. Technical issues can arise in some cases, for example, if a key is deleted from AWS KMS.

For more information, see Potential problems with keystores when using AWS KMS, Configuring a Platform cipher, Types of ciphers.

Simplified deployment of stand-alone Apache Ignite servers

You can now install or upgrade Pega^® Platform in client-server mode, which uses Apache Ignite in a simplified way. The new installation process for stand-alone Apache Ignite servers does not require that you provide database credentials in a text file to communicate with Pega Platform nodes (clients). You provide this information by using JNDI support instead.

For more information, see Apache Ignite client-server clustering topology and the appropriate Deployment Guide.

Integrated Application Security Checklist helps you deploy a secure application

Pega^® Platform now provides an Application Security Checklist that you can refer to when you prepare your application for deployment. By completing the recommended tasks in this checklist, you can track your progress, access instructional information for tasks, and verify that your configurations are secure.

For more information, see Preparing your application for secure deployment, Compliance Score tab, Designer Studio — Home page.

CyberArk password vault support added for Pega database

With the CyberArk password vault, you can store your systems' passwords in a secure, central location and retrieve them from that location instead of directly entering credentials into the systems. This support is available only for IBM WebSphere environments.

For more information, see Pega Platform deployment guides.

Attachment migration from Pega database storage to a repository

You can now migrate case attachments from Pega database storage to a repository by using a wizard from Pega Platform™. This ability is useful, for example, when you migrate from an on-premises deployment to a Pega Cloud Services environment and you want to reduce the size of your Pega database and manage all your case attachments in a single location.

For more information, see Migrating case attachments to a repository.

Change passwords from Pega Mobile Client

You can now change your Pega^® Platform password from a mobile device. After your password expires and you try to log in to a custom mobile app, Pega Mobile Client lets you define a new password and verifies it against active password policies.

For more information, see Enabling security policies.

Support for Pega Infinity Mobile Client in offline-enabled applications

To take advantage of Pega Platform™ offline features, you can now build offline-enabled applications using Pega Infinity Mobile Client™. An offline-enabled application is built with Pega Infinity Mobile Client by default, and is fast to create and load. 

For more information, see Build offline-enabled applications using Pega Infinity Mobile Client, Offline-enabled application and Pega Infinity Mobile Client, and Pega Mobility and mobile clients.

Specify a queue of user operations in Pega Digital Experience APIs

You can now specify a queue of page instructions for user operations on embedded pages, page lists, and page groups in Pega Digital Experience APIs. The page instructions allow your client application to more accurately model users’ actions.

Pega Digital Experience APIs support the following operations:

• For embedded pages: DELETE, REPLACE, and UPDATE.
• For page lists: DELETE, REPLACE, UPDATE, APPEND, INSERT, and MOVE.
• For page groups: DELETE, REPLACE, UPDATE, and ADD.

For more information, see Page-related operation queuing with page instructions in Pega APIs.

Retrieve a flat list of fields from Pega Digital Experience APIs

You can now use the flatListOfFields parameter to retrieve a list of the fields in a case or flow action. With this parameter, you avoid parsing all the layout information for the Pega Digital Experience API, making it easier for you to see only what you need to build your user interface.

The following Pega Digital Experience APIs support the flatListOfFields parameter:

• GET /casetypes/{ID}
• GET /assignments/{ID}/actions/{actionID}
• GET /cases/{ID}/actions/{actionID}

For more information, see Retrieve a flat list of fields from Pega APIs.