Customer actions

Find information on the actions that you need to perform before or after you upgrade to webMethods Integration releases.

Update for hybrid connectivity issue

In a hybrid environment, an on-premises Universal Messaging (UM) client cannot reconnect to a Cloud UM server after it receives a security exception.

To avoid regression defects and restore hybrid connectivity between the on-premises environment and Universal Messaging (UM), install the latest fixes:

  • For Integration Server 10.15: Universal Messaging Common Libraries 10.15 Fix 28
  • For Integration Server 11.1: NUMCommonLibraries 11.1 Fix 3
If you are not yet on the suggested or latest available fix version, follow these steps to restore hybrid connectivity:
  1. Disable and re‑enable the connection to reestablish connectivity.
  2. If the issue persists, restart your on‑premises Integration Server.
  3. For continued issues, open a support case with IBM.

SSL/TLS cipher configuration update

To maintain secure communication over TLS and comply with updated security standards, customers must upgrade their SSL/TLS configurations to use only the recommended cipher suites. Immediate action is required to help ensure continued secure connectivity and prevent potential vulnerabilities.

You must perform the following actions.

  1. Review your current SSL/TLS configuration.
  2. Remove any noncompliant cipher suites.
  3. Apply the recommended configurations.
  4. Validate connectivity and security after implementation.
Following are the recommended cipher configurations.
  • TLS 1.2 
    ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-CHACHA20-POLY1305
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384
  • TLS 1.3 
    TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_CCM_SHA256
TLS_AES_128_CCM_8_SHA256

Node.js version upgrade

The runtime environment for all custom connectors that are developed by using the Connector Builder (CLI) has been upgraded from Node.js v18 to Node.js v22. As a result, all new deployments now run on Node.js v22.

Note: Existing connectors running on Node.js v18 are not affected by this change and require no action unless they are redeployed.
When redeploying custom connectors, complete the following steps:
  • Ensure that all npm dependencies are compatible with Node.js v22. Incompatible or deprecated packages may cause build or runtime failures. Update versions where necessary.
  • Check the source code for compatibility with Node.js v22. Some APIs, language features, or deprecated modules may behave differently compared to Node.js v18.
  • Validate and test the connectors in a development or staging environment before deploying to production.

Security update for Transform connector

The npm package used by the Transform - XLS to JSON connector has been updated for security purposes. You must update existing workflows to use the latest v2 version of this action.
Note: The v1 version of this connector will no longer work after this release.

In v2, the input format has changed. Previously, the v1 version accepted an Excel sheet directly. The updated v2 version now requires a workbook object as input. To use it, first add the Spreadsheet Reader action to read the XLS file, and then pass the resulting workbook object to the XLS to JSON v2 action.

Security update for Decrypt PGP File action

The Decrypt PGP File action of the File connector has been updated to v2, which uses the latest openpgp npm library, due to security vulnerabilities in the previous version (v1).

Note: The v1 version of this connector will no longer work after this release.

Reconfigure the action by using Decrypt PGP v2 to help ensure that it uses the latest and more secure version of the library.