With the release of our Unified eXchange Platform version 1.20 we have improved most of the platform's components. In addition to a new UXP Core, we have released new versions of UXP Monitoring Server, Directory, Connector and Trust Services. UXP Security Server and Registry Server got several updates, including improved performance, security and user experience. Our products also got an upgrade for Ubuntu and a lot of 3rd party components. We are particularly excited to share news on improving system monitoring convenience, making it easier for users to keep a close eye on operations.
Enhanced System Monitoring
Our system monitoring uses Elasticsearch and Kibana for message exchange data and Zabbix for server health data. Previously, configuring monitoring was not as convenient since our security server did not support Zabbix templates which is one of the main features for Zabbix administrators. Also, clients were not as happy that some values in Zabbix were not easily triggerable. We took our clients' feedback seriously and made considerable improvements in monitoring tools.
UXP now supports version 8.x of Elasticsearch and Kibana. Also, Elasticsearch deprecated Java High Level REST Client is replaced with Java API Client. Version 6.0 LTS of Zabbix is now supported and the official support for 4.0 LTS is discontinued.
With new Zabbix version, templates are now used for configuring security server hosts to Zabbix. Templates for both local security server monitoring and global UXP instance monitoring were added and registry server Zabbix templates improved. We also added some triggers to the templates, for instance, cases when security server is down, global configuration is expiring or disk is getting full. For better usability, we split items for UXP software packages, process statuses and uptime into separate items. Item value mapping was introduced for a better readability. Also, we added, removed and renamed some items where appropriate. For central monitoring, Kibana example visualisations and dashboard were improved.
Upgraded Components and Services
UXP product suite consists of UXP Core (Registry Server, Security Server, Verifier) as well as Monitoring Server, Directory, Connector and Trust Services (Certificate Registration Authority, Timestamping Authority, OCSP service). In the current release, almost all products got some important updates. These fall into two main categories:
- improvements in performance, security, and user interface;
- upgraded versions of third-party software components.
Security server now uses by default a "round-robin" load balancing algorithm to send requests to service provider security servers (in case of horizontally scaled setup of service provider's servers). The "round-robin" algorithm distributes the load between multiple security servers more evenly and thus can improve the performance of data exchange. We have added some more configuration parameters for security server to set values for logging and to enable/disable batch signatures. Some bugs were also fixed, including unexpected expiration of global configuration (caused by infinite connection timeout).
We created fixes for minor security issues found in security server penetration testing, such as limiting API key description length and the size of files uploaded into the server. There were also minor UI tweaks and unification of UI element styles. Among those, a member name is now visible alongside the member code in the security server UI. Registry server database migrations moved from Active Record to Liquibase and we started using generated password for registry server database.
For other products, Ubuntu 22.04 LTS was already earlier a recommended platform and Ubuntu 20.04 LTS a minimum supported platform. Now, UXP Directory and Connector got the same upgrade. Monitoring, Directory and Connector got a Java Runtime Environment upgraded to version 17 as well as other third-party libraries and components upgraded for better security and performance of the system. Also, a system log history is now stored for 60 days instead of previous 30 days.
UXP Trust Services were thoroughly analysed and all parts heavily upgraded for improved reliability. This means support for Ubuntu 22.04, updated Java, PostgreSQL JDBC driver, Wildfly, EJBCA and Signserver.
Conclusion
With the current release, our UXP software is getting one of the most widespread enhancements throughout the whole product suite. With that, we are bringing to our clients a better monitoring solution, more future-proof software, better security and performance. We hope that this further helps to facilitate seamless data exchange, integration, and connectivity within organisations and across various systems, applications, and services for our clients, eventually creating more trusted digital societies.
We encourage our clients to always upgrade the UXP software to the latest version. Also, we recommend them to use a test environment for testing UXP upgrades before deploying to production. If necessary, we provide hands-on support for upgrading.