DocumentationAPI ReferenceRelease Notes
Release Notes
Back to All

Base 8.2.0 release notes

April 14th, 2026

🆕 New features and enhancements

Configurable MTU Override

Administrators can now manually specify an MTU value to override the MTU provided by a DHCP lease. Previously, the MTU was always inherited from the DHCP lease with no option to override it. The configured MTU value is set in the console and enforces minimum and maximum limits to prevent misconfiguration. If no override is specified, the system falls back to the default MTU of 1500.

Critical Update and Server Connectivity Improvements

Two improvements have been made to the Maintenance Window and Updates settings page to reduce risk around critical update management.

Disable auto-updates confirmation

Disabling automatic installation of critical updates during the Maintenance Window now requires typed confirmation. When a user attempts to disable this setting, a confirmation dialog is displayed explaining the security risk. The user must type DISABLE exactly to proceed. This prevents accidental disabling of critical updates.

Update service connectivity status

A new connectivity status indicator is now displayed on the Maintenance Window and Updates settings page. This indicator shows whether the appliance can reach the update service, and includes a Test Connectivity button to run an immediate reachability check. The following states are displayed:

  • Connected: The update service is reachable, with a timestamp of the last successful check.
  • Connectivity issue: The update service is not reachable, with remediation guidance for ports, URLs, proxy, and DNS configuration.
  • Unknown: Connectivity has not yet been verified.

If automatic critical updates are enabled but the update service is unreachable, a warning banner is displayed on the page to alert administrators that the appliance may not receive updates until connectivity is restored.

Automatic TLS and ACME Certificate Synchronization for Clusters

Appliances that are part of a cluster or failover relationship now automatically synchronize TLS and ACME certificates across all nodes. This ensures consistent certificate management and eliminates the need for manual certificate updates.

Support for Internal CA Certificates in Clusters

Appliances in a cluster or failover relationship now support connecting to each other using certificates issued by internal certificate authorities, enabling greater flexibility for environments with private PKI requirements.

🛠️ Issues resolved

DescriptionResolution
When an identity provider's metadata contained two SAML signing certificates, only one certificate was selected, which could result in authentication failures if the non-selected certificate was the active signing certificate.SAML signing certificate selection now correctly handles identity provider metadata containing multiple signing certificates.
When an administrator reset a new user's password for the first time, the password could be reset to the user's current password, bypassing the requirement to set a new one.An administrator can no longer reset a new user's password to their current password during a first-time password change.
Strict host checking was not functioning correctly in versions 7.4.0, 8.0.0, and 8.1.0 due to the migration to nginx.Strict host checking now functions correctly following the migration to nginx.
Hypervisor detection used an exact match for VMware product names, causing detection to fail for VMware environments that include version information in the product name (for example, "VMware,7.1" or "VMware Virtual Platform").Hypervisor detection now checks for the presence of "VMware" in the product name rather than requiring an exact match, ensuring VMware environments are correctly identified regardless of version.
Configuration changes made to one site on a multi-site appliance caused web console connections on all other sites on the same appliance to be dropped.Configuration changes to one site no longer affect web console connections on other sites on the same appliance.
When resetting a user's failed authentication count in /appliance, an error message was displayed in the browser. After removing the path from the URL, multiple "Login attempts were successfully reset for the user" messages were displayed simultaneously on the users page.Resetting a user's failed authentication count no longer produces spurious error messages or duplicate success notifications.

📝 Notes

  • Base 8.2.0 includes Service Pack 41.
  • 8.2.0 requires Base 8.1.0+ for upgrades (upgrade from the 7.1.0 image is supported)
  • Certified for GA for all currently supported appliance models.
  • Verified for:
    • 26.1.1 RS
    • 26.1.1 PRA

©2003-2026 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.