Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please update your bookmarks. This site will be discontinued in Dec 2024.

Pega Platform Resolved Issues for 8.1 and newer are now available on the Support Center.

INC-171875 · Issue 653893

Skip restored for browser request CSRF token

Resolved in Pega Version 8.6.1

Many SECU0008 alerts were seen in the production logs. This was the result of a CSRF token check on requests without pyActivity or pyStream, and has been resolved by restoring a conditional skip of the check as those other browser requests do not contain a CSRF token.

INC-173294 · Issue 650235

Mobile "Forgot Password" supports circumstanced rule

Resolved in Pega Version 8.6.1

An enhancement has been added to support a circumstanced rule for the "Forgot Password" flow on mobile.

INC-175058 · Issue 660934

SSLContext created using protocol from REST connector rule form

Resolved in Pega Version 8.6.1

After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.

INC-175706 · Issue 659528

SSLContext created using protocol from REST connector rule form

Resolved in Pega Version 8.6.1

After upgrading to IBM websphere v9.0.5.6 or higher, API calls Like REST, Connect-HTTP etc were failing to connect to endpoints using TLSv1.2. Investigation showed that although the connector was configured to send TLSv1.2, the ClientHello handshake was triggered for TLSv1.3. Because the SSLContext was created with highest version supported by protocol in the WAS container, this has been resolved by modifying the code to create SSLContext based on the the protocol selected in the REST connector rule form. Additionally, please note that the Connect-HTTP connector has been deprecated and the Connect-REST capabilities in the platform should be used instead.

INC-175897 · Issue 655467

LookUpList correctly executes during SSO login with model operator

Resolved in Pega Version 8.6.1

After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after update new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.

INC-161984 · Issue 638856

Web Tier busy threads released on timeout

Resolved in Pega Version 8.6.1

Tomcat Web Tier Busy Threads were not being correctly released, causing stability and performance problems that included health check pings not receiving a thread to service the request so the node was marked as bad, users were quiesced, and the node replaced. Investigation showed the 'put' on the blocking queue did not time out when the queue was full and waited indefinitely, keeping the thread blocked. To resolve this, the system will use 'offer' on the blocking queue instead of 'put' to force thread release on timeout. In addition, debug logs have been added to understand when the offer (or Put) does not succeed and the state of the queue that is causing this issue; the debug logs for class com.pega.pegarules.session.internal.serverpush.RoboticAutomationImpl should be enabled only if the thread busy issue is observed and for limited time window while actively debugging.

INC-164794 · Issue 637991

Apache Commons libraries updated

Resolved in Pega Version 8.6.1

Apache commons-codec has been updated to version 1.15 , and Apache commons-io has been updated to version 2.7.

INC-171587 · Issue 652191

Resolved Push Node Daily Information exception

Resolved in Pega Version 8.6.1

The "Push Nodes Info Daily" agent was generating an exception on each of the nodes. This has been resolved by enhancing the PegaAESRemote code to handle the exception and get the node info locally, then push it to the console when it is not able to get it via the cluster management API.

INC-173162 · Issue 650793

Certificate match will use Subject Distinguished Name

Resolved in Pega Version 8.6.1

Signature verification was failing due to the system not finding the matching root certificate for the chain. The root certificate was in the trust store, but the system found a different certificate first and that other certificate (an intermediate certificate) was not considered a valid certificate for validating the whole certificate chain. This was traced to filtering on the Issuer Distinguished Name (DN) instead of the Subject DN and was due to intermediate certificates potentially having the same Issuer as a root certificate (e.g. if that root certificate was used to create the intermediate certificate). To resolve this, an update has been made to check the Subject DN instead of Issuer DN.

INC-174298 · Issue 650257

Instance count logic updated

Resolved in Pega Version 8.6.1

A performance issue was seen during update that resembled an upgrade hang. This was caused by a combination of incorrect logic in DDLGenerator.getInstanceCountForClass() around counting instances of 'core' classes and all of the site history-data- tables being mapped to the same table that had 1.4+ billion rows. This behavior has been addressed with more correct query logic while performing instance counts. In addition, instance count will be supressed during command line invocations (prpcUtils, platform upgrade).

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us