Edge

Release 10.9.0.1

Fixes

The Log4j library has been updated to version 2.16 to mitigate CVE-2021-44228.

Release 10.9.0

Cumulocity IoT Edge Release 10.9, includes the following improvements, fixes and known issues.

Download Cumulocity IoT Edge version 10.9 from Software AG Empower portal, based on the target hypervisor.

New installation, configuration and update model

You can now perform the installation, configuration and update of Cumulocity IoT Edge using the GUI and REST APIs. In previous releases, you had to use the terminal to perform these tasks. For more information, see Installing Cumulocity IoT Edge and Configuring Cumulocity IoT Edge.

Migrating Edge 10.7 to 10.9

Edge 10.9 supports migration of Edge appliance from version 10.7. If you are using a version earlier than Edge 10.7 and plan to upgrade to Edge 10.9, you must first upgrade to Edge 10.7 and then migrate from Edge 10.7 to version 10.9.

You can perform the migration using the manual steps or using the sample scripts provided in the software. You may customize these scripts for your requirements and automate the migration process. For more information, see Migrating Edge 10.7 to 10.9.

Important
Software AG does not officially support these scripts. These scripts are only for your reference.

Edge REST APIs with OpenAPI Specification

Edge 10.9 adopts the OpenAPI Specification as the standard format to specify the REST APIs. For more information, see OpenAPI Specification for Edge.

Other changes

Deprecation of TLS 1.0 and TLS 1.1

Transport Layer Security (TLS) 1.0 and 1.1 are formally deprecated as of March 2021. For more information, see https://tools.ietf.org/html/rfc8996.

This RFC changes the requirement to reject TLS 1.0 and 1.1 from “SHOULD NOT” negotiate these versions to “MUST NOT” negotiate.

The RFC lists the reasons for the deprecation in the “1. Introduction” section. These protocol versions are vulnerable to attacks and no longer considered secure.

The devices that still use TLS 1.0 and 1.1 must be reconfigured to use a minimum of TLS 1.2 or later versions.

Known issues

Ticket
Area
Description
CIE-670
CIE-2060
Device Management Issue: The default linux-agent created in VMware appears as VMware None (linux-agent).

Workaround: Change the name of the linux-agent in the Device Management application.
CIE-852 VMware Workstation Issue: On VMware Workstation, you should use UTC on your host machine. If you choose not to use UTC, you may have time sync issues.

Workaround: Set rtc.diffFromUTC=0 in the .vmx file.
CIE-2072 Microservices Issue: GET response of /edge/configuration/microservices is not consistent. If you have restarted the Edge appliance or just enabled the microservices, for a short period the GET response might return that the microservices are not enabled.

Workaround: After restarting the Edge appliance or changing the configuration of the Edge appliance (for example, configuring the network or enabling microservices), wait at least 60 seconds before making a request to /edge/configuration/microservices to ensure it is up-to-date.
CIE-2124 Network configuration Issue: The blue-screen network-configurator does not reflect the new network parameters when updated through the GUI or REST API.

Workaround: Restart the Edge appliance.
CIE-2127 Administration Issue: Complex C8Y password causes failure in setting up the Management tenant and the logged password.

Workaround: Do not use passwords with quotes or curly braces.
CIE-2132 Network configuration Issue: “Unable to get network configuration information” on the Network tab.

Workaround: Configure the network using the REST API or the UI.
CIE-2331 Administration Issue: Switching the Edge agent URL fails as the device credentials are cached. This causes the registration to fail when connected to another Cumulocity IoT tenant URL.

Workaround: Delete the credentials from the location /usr/edge/properties/edge-agent/workspace/storage/credentials_B0Y4g3TPhbQkEeY. Also, delete these credentials when you disable remote-connectivity.
CIE-2342 Administration
Installation
Issue: Google Chrome browser handles the self-signed SSL website differently in Windows and in Macintosh platforms. Unlike in Windows, in Macintosh platform, the Proceed to link does not appear in the Chrome browser.

For new enhancements in Cumulocity IoT, see What’s new.