PingDirectory

PingDirectory suite of products 10.1.0.5 (February 2026)

Fixed a critical LDAP request issue

Fixed DS-50632 PingDirectory

We fixed a critical server issue where some LDAP requests failed with a ConcurrentModificationException in the AuthenticationInfo module.

This issue was introduced in version 10.1.0.0. Update affected servers.

Improved expired certificate handling for TLS negotiation

Fixed DS-49269, DS-49270 PingDirectory, PingDirectoryProxy, PingDataSync

We fixed an issue that could cause the server to select an expired certificate when performing TLS negotiation with an external server that has a key manager provider and requests a client certificate chain.

The server now presents an expired certificate only if the key store doesn’t include any certificate chains with currently valid certificates.

We also added the ssl-cert-nickname property to the external server configuration, which allows you to control which client certificate chain the server presents to that external server. If this property isn’t configured, the server attempts to select an appropriate certificate chain automatically.

Fixed an issue with FIPS-compliant server upgrades

Fixed DS-50372 PingDirectory, PingDirectoryProxy, PingDataSync

We fixed an issue with server upgrades failing for FIPS-compliant servers running in a Linux environment with native FIPS mode enabled.

You can identify this upgrade failure by the following error message:

Error initializing update: Error determining build information for the server at /opt/PingDirectory: 1. Output from /opt/PingDirectory/bin/status -F was: .

Fixed an issue with the Changelog Password Encryption plugin

Fixed DS-50457 PingDirectory

We fixed an issue where the Changelog Password Encryption plugin didn’t add encrypted attributes to the changelog for entries created with the Generate Password request control.

Fixed an upgrade issue for servers without a userRoot backend

Fixed DS-50541 PingDirectory

We fixed an issue that caused upgrades for servers running version 10.0.0.x or later with no userRoot backend to fail.

During an upgrade, the update tool tried to delete some configuration entries for inverted static group support that didn’t exist.

Fixed an issue with --performLocalCleanup in interactive mode

Fixed DS-48553 PingDirectory, PingDirectoryProxy, PingDataSync

Running remove-defunct-server --performLocalCleanup in interactive mode no longer attempts to establish a connection to another live server in the topology.