Nightly 8.1 Changelogs - 2021

Nightly Changelog: 8.1.14-b20211217


5296: Refactor misleading login failure message on internal IdP
Refactored the login failure messages in the internal IdP to be less misleading for the case where the user is locked out


5031: Realtime Tag Paths do not work as the source value of a pen on a power chart in versions 8.1.3+
Now, a non-historical tag path like [default]Simulator/Sine/Sine0 is converted to a historical format like histprov:default:/tag:Simulator/Ramp/Ramp0 for each pen. Any updates to the pen done via the UI will write the converted (historical) path back to the data.source property of the pen. This keeps all of the data.source properties of the pens in a historical format while still allowing an initial non-historical tag path to add pen data to the chart display.

2324: Qualified Value created with a ‘null’ quality from an expression causes Vision window to not be able to opened in designer
Fixed a null pointer exception thrown when opening Vision windows with invalid BasicQualifiedValue objects serialized into them.


Nightly Changelog: 8.1.14-b20211220


5228: WebSocketSession: “java.lang.IllegalStateException: Delegate is not set” warning when logging out of Perspective via IdP with the Inactivity setting
Fixed an “java.lang.IllegalStateException: Delegate is not set” warning Gateway log message when logging out of a Perspective Project which requires authentication due to inactivity

Data Model

4873: Edge History Sync Task fails to update sync id due to sqlite connection lock
Fixed this issue by increasing sqlite busy timeout for local syncable databases.

5326: Internal historian data isn’t synced remotely if tag path is repeated for same syncid
Historical data is now forwarded properly through data sync if history set contains repeating tag path.


5332: Perspective download() script function support for mobile apps
The Perspective download scripting function now interacts with the mobile apps directly to ensure that download requests function as expected and can be saved to the local device. Requires version 1.0.2 of the mobile apps.

Nightly Changelog: 8.1.14-b20211221


2143: Reporting- Page break on row doesn’t work without headers
Enabling a page break per row for a Reporting table group no longer returns only a single row of data.

1450: Perspective embedded views bidirectional bindings writing default values to tags when view is opened
Fixed issue that could cause bidirectional bindings on View parameters to inadvertently write back when loading the view.

244: Perspective Sessions Page Fails To Display Active Sessions
Fix issue occurring with Perspective status pages where page fails to display when a component’s name is empty while gathering session info.

2027: Performance: audit and improve designer front-end performance of basic interactions (i.e. selection, resize, move) and more
Improved front-end performance of Designer selection and component interaction.

1845: Perspective Table: Deleting the last row while editing a table cell causes a Component Error
Resolve Table component error that occurs when the last row is deleted while editing a cell of that last row


1712: Gateway Network Client Trust Manager’s trusted certificates cache can become stale

  • In order to improve the security and organization of the Gateway Network’s trusted certificates model through “separation of concerns”, and to gain functionality from a more mature and proven certificate model (Milo’s OPC UA Client / Server Trust Lists), the Gateway Network’s trusted certificates are now split into client and server certificates.
    • Client certificates are the certificates of peer Gateways that the current Gateway trusts when it is making outgoing connections.
    • Server certificates are the certificates of peer Gateways that the current Gateway trusts when it is handling incoming connections.
  • The new trusted certificates model is organized in a way very similar to the Milo OPC UA client and server embedded within Ignition:
    • Server certificates live under $GATEWAY_HOME/data/gateway-network/server/security/pki/
    • Client certificates live under $GATEWAY_HOME/data/gateway-network/client/security/pki/
    • Both client and server certificates are further organized as follows:
      • Trusted / Approved certificates: $GATEWAY_HOME/data/gateway-network/{server|client}/security/pki/trusted/certs/
      • Rejected / Quarantined certificates: $GATEWAY_HOME/data/gateway-network/{server|client}/security/pki/rejected/
      • Issuer (CA) certificates: $GATEWAY_HOME/data/gateway-network/{server|client}/security/pki/issuers/certs/
    • Certificates are encoded and stored in PEM format
  • On upgrade, to preserve backwards-compatibility: certificates which were previously shared by both client and server will be copied to each of the new client and server directories
    • Trusted / Approved certificates which previously lived in $GATEWAY_HOME/data/certificates/gateway_network/ will be copied over to $GATEWAY_HOME/data/gateway-network/{server|client}/security/pki/trusted/certs/
    • Rejected / Quarantined certificates which previously lived in $GATEWAY_HOME/data/certificates/gateway_network/quarantine/ will be copied over to $GATEWAY_HOME/data/gateway-network/{server|client}/security/pki/rejected/
    • Issuer (CA) certificates which previously lived as entries in the keystore file located at $GATEWAY_HOME/data/certificates/cert-chain-store will be copied over to $GATEWAY_HOME/data/gateway-network/{server|client}/security/pki/issuers/certs/
  • When the Gateway makes an outgoing connection to a peer Gateway whose certificate is not yet trusted, the peer certificate (or its certificate chain if one is configured) is copied into the $GATEWAY_HOME/data/gateway-network/client/security/pki/rejected/ directory
    • This new model allows users to configure the Gateway Network client to trust the peer Gateways on outgoing connections by moving the certificate on the filesystem from $GATEWAY_HOME/data/gateway-network/client/security/pki/rejected/ to $GATEWAY_HOME/data/gateway-network/client/security/pki/trusted/certs/. This filesystem change will be picked up immediately by the Gateway and the connection will be trusted when it attempts to reconnect again. This was not easily possible before.
  • The same goes for the case where a Gateway handles an incoming connection, except the directory is under $GATEWAY_HOME/data/gateway-network/server/ instead of $GATEWAY_HOME/data/gateway-network/client/. The Gateway Network config UI’s Incoming Connections tab was made compatible with this new model so that incoming connection certificates may continue to be approved, denied, or deleted there.
  • The keystore at $GATEWAY_HOME/webserver/metro-keystore continues to be used as the source for the private key and certificate used by both the Gateway Network client and server for the purposes of authenticating itself to its peer.
  • These changes only apply for Gateway Network connections over SSL / TLS (default port 8060). For the Gateway Network client making outgoing connections, two-way authentication must be enabled as well.

All certificates and files / folders under $GATEWAY_HOME/data/gateway-network/ are included in Gateway backups and restored upon restoration of such backups.

1 Like

Nightly Changelog: 8.1.14-b20211222


1344: Add additional context/parameters to project update script
Project update gateway event script now reports which resources were modified during project save.


1570: Audit Initial User Lockout Event
The event where a user in a user source profile transitions from a state of unlocked to locked out is now audited to the Gateway Audit Profile if such a profile is configured.


2332: Setting a dynamic height and width for nested views can fail to evaluate on initial view load
All views are now able to respond to dynamic changes to width/height.

1 Like

Nightly Changelog: 8.1.14-b20211223


4935: ScheduledScriptManager should use an unbounded thread-pool and execution queues for each distinct script
Scheduled scripts now use a cached thread pool and per-script execution queues. This facilitates parallel execution of scheduled scripts within a project–useful for both longer running scripts and situations where multiple scripts have the same schedule. A given scheduled script will enqueue and wait for any previous invocations to complete before running again.


4039: Allow Gateway Network Proxy Depth to be set from the Gateway UI
Gateway Network Proxying Depth is now configured via the Gateway Configuration Webpage UI. The previous checkbox for “Allow Proxying” has been replaced with the numeric depth count (where <= 0 is “disabled” and > 0 is “enabled”). Previous values of the ignition.gan.maxproxydepth system property are absorbed into this new configuration field (if “Allow Proxying” was enabled) on upgrade.

5325: Remove log4j reference from EAM remote upgrader
Removed unused log4j reference from EAM remote upgrader.


5259: Table Component passing the wrong viewParams to subviews when filtered
Regression fix for incorrect view params being passed to View instances of the Table component when filtered or paged. A regression introduced in 8.1.12.

2907: AST, AJT, and Table Components: Implement runtime column ordering via drag
Implement runtime column drag reordering for Table, Alarm Status Table, and Alarm Journal Table.

3036: Table highlight get stuck on top row of perspective table when you hover away
Fix Table mouseover highlight getting stuck on top row when mouse leaves the component.


5225: CIP Security Information item not supported
Fixed a bug that caused the Logix Driver to cycle between Idle and Connected upon receiving a CIP Security Information item as part of a ListIdentity response.


3941: Include actor host within audit log query results
Audit Log Queries via system.util.queryAuditLog() and Vision Binding Function now include the “Actor Host” field in the returned dataset.


3315: Provide An Open Gateway Option From Designer Cards In Launcher
Added a “Go to Gateway” link in the Designer launcher.