Combined Key Management release notes for upgrades from Zurich to Australia

australia Combined Product Files

Release

australia

ft:locale

en-US

ft:publication_title

australia Combined Product Files

ft:clusterId

delta3az

bundleId

delta3az

Combined Key Management release notes for upgrades from Zurich to Australia

Release version: Australia

Updated May 4, 2026

4 minutes to read

Consolidated page of all release notes for Key Management from Zurich to Australia.

How to use this page

To help you prepare for your upgrade, we have combined the cross-family Key Management release notes onto one page. Read this summary of the new features, changes, and updated information for your product from Zurich to Australia.

Tip:

If there were no updates for a release notes section in a certain family release, we included a short note for your reference. For example, if a product did not have any updates in Tokyo, the row says "No updates for this release."

Important information for upgrading Key Management to Australia

Before you upgrade to Australia, review these pre- and post-upgrade tasks and complete the tasks as needed.


Release	Release notes
Zurich	No updates for this release.
Australia	In pre-Zurich releases, the GlideEncrypter API used the three-key Triple Data Encryption Standard (3DES) encryption standard, which NIST 800-131A Rev 2 has recommended against using after 2023. The following changes are taking place in the Australia release in preparation for a full deprecation of GlideEncrypter/3DES in the future: New Australia instances can’t use GlideEncrypter. All base system scripts have been changed to use alternative encryption processes. if you’re upgrading your Australia instances, you can still GlideEncrypter, which has been updated to use AES256-GCM encryption via the Key Management Framework. Learn more about 3DES deprecation in KB1704481.

New features

Between your current release family and Australia, new features were introduced for Key Management.


Release	Release notes
Zurich	No updates for this release.
Australia	Added SHA512 support for message digests GlideDigest has been updated to allow creation and verification of message digests using the SHA512 cryptographic hash function. Offline key exchange to share module keys between instances Admins can share module keys between instances offline to facilitate instance clones between on-premise instances using KMF. Sign and verify JSON web tokens (JWT) through KMFCryptoOperation The signing and verification processes for JWTs are now integrated as operation types in the existing KMFCryptoOperation class. Centralized Crypto Management console Use the new Crypto Management Console to streamline and track the certificate management lifecycle. The new console scans your instance for certificates and displays their details in a central location, Clone and restore support for on-premise instances Support for cloning and restoring on-premise instances. Support has also been added from migrating a commercial instance to on-premise instances, and vice-versa. Certificate Revocation List (CRL) validation support ServiceNow now supports Certificate Revocation List (CRL) validation for certificate revocation checks as an alternative to Online Certificate Status Protocol (OCSP), with automatic fallback when OCSP is unavailable.

Changes

Between your current release family and Australia, some changes were made to existing Key Management features.


Release	Release notes
Zurich	No updates for this release.
Australia	Updated workflow for creating cryptographic modules Use the streamlined workflow designed for faster, easier creation of cryptographic modules. SecurityUtils Enhancements The SecurityUtils API has been enhanced to help prevent cross-site scripting attacks, including methods to sanitize and escape input.

Removed

Between your current release family and Australia, some Key Management features or functionality were removed.


Release	Release notes
Zurich	No updates for this release.
Australia	No updates for this release.

Deprecations

Between your current release family and Australia, some Key Management features or functionality were deprecated.


Release	Release notes
Zurich	No updates for this release.
Australia	No updates for this release.

Activation information

Review information on how to activate Key Management.


Release	Release notes
Zurich	No updates for this release.
Australia	The Platform Encryption subscription bundle is a group commercial entitlement that includes Field Encryption Enterprise and Cloud Encryption. Field Encryption Enterprise is the unlimited license of Field Encryption. The Enterprise plugin is available with the activation of the com.glide.now.platform.encryption plugin. For details, see Encryption and Key Management subscription bundle.

Additional requirements

If any additional requirements were introduced or changed for Key Management we have noted them here.


Release	Release notes
Zurich	No updates for this release.
Australia	No updates for this release.

Browser requirements

If any specific browser requirements were introduced or changed for Key Management we have noted them here.


Release	Release notes
Zurich	No updates for this release.
Australia	No updates for this release.

Accessibility information

Review details on accessibility information for Key Management, such as specific requirements or compliance levels.


Release	Release notes
Zurich	No updates for this release.
Australia	No updates for this release.

Localization information

If there are specific localization considerations for Key Management we have noted them here.


Release	Release notes
Zurich	No updates for this release.
Australia	No updates for this release.

Highlight information

If there are specific highlight considerations for Key Management we have noted them here.


Release	Release notes
Zurich	No updates for this release.
Australia	GlideDigest has been updated to allow creation and verification of message digests using the SHA512 cryptographic hash function Admins can share module keys between instances offline to facilitate instance clones between on-premise instances using KMF. The signing and verification processes for JWTs are now integrated as operation types in the existing KMFCryptoOperation class. See Key Management Framework for more information.