Known Issues

This section describes the known issues in this release.

ADC

HAProxy device onboarding fails during the configuration download phase, preventing successful device addition and object discovery in Device Inventory.

CLM

Citrix V14 endpoint CSR generation fails on secondary node in HA setup with error: “Error while creating CSR file on device due to No such key.
On WebSphere Linux devices, when version fetch fails during configuration retrieval, the device is still marked as Managed, but later operations move it to an Unresolved state.
CSR generation on Tomcat Linux endpoints fails with error: “Problem while generating CSR on target server.”
Exporting a F5 WAF device and re-importing it fails with error: “Invalid REST agent port.”
In the Enroll > Server Certificate form, selecting CSR generation source as Endpoint and Category as Server with any vendor results in error: “Resource not found, reason - Invalid API ID.”
When Firewall device credentials are not configured in Delinea, device management in AppViewX fails with a large floating error banner.
Windows MQClient CSR generation fails with error: “Argument ‘content’ is null.”
Endpoint CSR generation and certificate push to Windows machine fails when permissions on encrypted .txt file are removed, with error: “Unable to decrypt private key.”
When pushing a certificate with a single trust chain to Windows MQClient in JKS format and specifying trust store location, the trust store file is not generated.
Users with only Bulk Push ACF permission receive “Unauthorized Access” error for the /device-policy API on the App Connector page.
FortiGate endpoint CSR generation fails with improperly formatted error message: “CSR creation in FortiGate device failed: Error occurred in command execution - Certificate push failed.”
During CA discovery, certificate authority name is incorrectly mapped to InCommon instead of Sectigo when both share the same issuer common name and InCommon is already configured.
DigiCert duplicate action does not work for parent certificates of Multi-Domain SSL when CSR generation source is AppViewX.
Sectigo certificate discovery update email incorrectly displays CA name as “Comodo Certificate Manager” instead of “Sectigo CA.”
DCV validation becomes unresponsive during certificate re-enrollment for GlobalSign SSL certificates, and no proper error message is shown.
Certificate attributes allow limited value sets during enrollment, but updates from inventory actions are currently not permitted.
Auto-regenerated certificate email notification displays a “?” symbol instead of the expected tick or cross indicator.
Certificate attribute text field validation supports only the “>” operator, while dropdown fields support both “<” and “>” operators.
The “Valid From” and “Valid Until” dates are not updated correctly, causing mismatches between fetched values and Holistic View display.
Client Certificate Inventory dashboard is not visible even when access is granted through AI-based “Client Certificate Dashboard” permission.
Truststore certificate download use case does not allow access to the Holistic View.
The “View Inventory” access is incorrectly enabled for Server and Client certificates when only Code Signing inventory access is granted.
The “Select All Certificates” functionality does not work as expected and selects only certificates from the first page.

PKI

In ZDU, during Delta Migration, delta changes made in the tenant are not considered because the source collections are not taken into account for delta migration.
When issuing an end-entity certificate using AppViewX-generated CSR within Issue Certificate Page in PKI and later renewing via CLM, templates with CSR override disabled do not correctly preserve or apply override attributes.
When renewing an OCSP Signing certificate configured with HSM-based CSR generation, the renewed certificate does not appear in the OCSP inventory within PKI.As a workaround, users should perform Regenerate instead of renewal.