Release Notes SaaS Patch 1 HF2

The AppViewX 2026.1.1.2 (SaaS) release notes describe new features, enhancements, bug fixes, known issues, and known limitations in the software.

New Features

There are no new features in software in this release.

Enhancements

There are no enhancements in software in this release.

Bug Fixes

CERT
  • The DigiCert CA discovery process now leverages the configured discovery rules and filters certificates based on order status. This ensures that expired and revoked certificates are excluded, preventing unnecessary calls to the certificate details API.
  • Resolved Kube+ production authorization and OAuth token refresh issues that were impacting cluster access and causing cert-orchestrator pod failures. This improves cluster stability in the eks-int-prd-k8s-east-1 environment and restores more reliable orchestration in the TIAA production deployment.
  • Resolve an issue where HydrantID certificate discovery did not populate Expiry Email details. Now retrieves vendor-specific expiry notification emails when Discover Additional Fields is enabled, improving certificate visibility and tracking.
  • Resolved tenant slowness in the US-PROD-1 environment that was causing certificate enrollment workflows to remain stuck in progress for extended periods.This improves workflow responsiveness and ensures more reliable certificate enrollment processing for the affected tenant.
  • Resolved an issue where certificates added to a child group were not visible from the parent group.This restores expected certificate inheritance behavior and improves visibility across parent-child group hierarchies.
  • Resolved an avx-vendors pod stability issue in EUC1-PROD-1 where heap memory exhaustion caused pods to enter a degraded state and fail request handling.This improves service availability and prevents startup failures caused by out-of-memory conditions in the vendors deployment.
  • Resolved an issue where the Certificate Attribute Update API did not handle data types correctly during updates. The API now preserves the provided data type, and defaults to text when no type is specified.
  • Resolved an issue where certificates renewed using Renew with Now incorrectly inherited the same validity for the next renewal, causing repeated daily renewals. This behavior has been corrected to prevent unintended consecutive renewals.
  • Resolved an issue where regenerated certificates pushed to GCP Load Balancer using Classic Certificates reused the same friendly name, causing push failures. AppViewX now ensures regenerated GCP certificate names remain unique, allowing certificate push operations to complete successfully.
  • Resolved an issue where certificate enrollment requests submitted through the API failed when the enrollment flow was configured to use Policy Engine. This update improves the reliability of automated API-driven certificate enrollment workflows executed through policy-based processing.
  • Updated Sectigo certificate discovery to support additional Requested Via enrollment types, including Enrollment Form, Client Admin, Web API, MS Agent, and Bulk Request. This ensures certificates issued through these supported Sectigo enrollment channels are discovered and imported into AppViewX correctly.
  • CSR upload via cert-generate-csr-manual API now gracefully handles issuer resolution in the absence of a chain identifier information, ensuring smooth processing and successful inventory upload.
KUBE
  • Resolved a Kube enrollment issue where certificate names containing a period . were incorrectly rejected in the AppViewX UI with an InvalidName error.This brings UI behavior in line with documented naming rules and enables successful certificate enrollment for valid hostnames such as xx.test.tiaa-cref.org.
  • Resolved an issue where cert-orchestrator failures caused all clusters to go down and disappear from inventory after the Spring upgrade.This improves cluster stability and ensures more reliable synchronization between inventory visibility and backend cluster state.
SIGN
  • Resolved an issue where CSP GUIDs were incorrectly generated in the README file on certain modern Windows systems, causing signing failures. The problem was due to inconsistencies in Key Container ID generation and encoding, further impacted by recent .NET upgrades. The GUID generation and encoding logic has been enhanced to ensure consistent and reliable behavior across all supported Windows versions.

Known Issues

There are no known issues in software in this release.

Limitations

There are no limitations in software in this release.