R3 Docs R3 Docs Home

Release notes

  • Signing Service now starts correctly when used with the MSAL (Microsoft Authentication Library) for Azure Cloud HSM integration.
  • sshdHost can now be specified within the shell {} config block for the CENM services that support the interactive Shell.
  • Added a new optional host parameter in the enmListener configuration.
  • Added a new optional host parameter in the adminListener configuration.
  • The Zone Service can now be started either with a configuration file or with the existing command-line options. Any current deployments using the original method remain unaffected.
  • The Angel Service can now be started either with a configuration file or with the existing command-line options. Any current deployments using the original method remain unaffected.
  • Added Azure cloud HSM integration with the MSAL (Microsoft Authentication Library) dependency. While users can continue to use integration through ADAL (Azure Active Directory Authentication Library), it is now marked as deprecated.
  • Made the logging in CENM more consistent with Corda node logging. Errors appearing in CENM log files will be by default printed to the console now. This behaviour can be modified by providing a custom log4j2.xml file.
  • The Angel Service can now correctly resolve argument paths when the absolute path of the Angel Service JAR file contains spaces.
  • Users can now be reset in the Auth Service.
  • Error messages when submitting CRRs through the CRR Submission Tool are now improved.
  • Audit log messages are now correctly generated when users are added to a group.
  • The CENM logger respects custom log4j2.xml files now. You can now provide custom log4j2.xml files and CENM will use the custom logging configuration.
  • A warning emitted by Hibernate about equality of SignedNodeInfo has been eliminated.
  • Authentication Service: HTTP metrics have been disabled by default to secure CENM from the CVE-2023-34055 security vulnerability in Spring. The metrics can be enabled by setting the corda.management.metrics.enable.http.server.requests property to true.

The following table lists the dependency version changes between CENM 1.6 and CENM 1.6.1:

DependencyNameCENM 1.6CENM 1.6.1
org.bouncycastleBouncy Castle1.751.78.1
org.springframework.security.oauth:spring-security-oauth2Spring Security2.5.0.RELEASE2.5.2.RELEASE
org.springframework:spring-*Spring Framework5.3.275.3.39
org.springframework.security:*Spring Framework Security5.5.85.8.16
com.nimbusds:nimbus-jose-jwtNimbus JOSE+JWT8.199.48
com.fasterxml.jackson.core:*Jackson2.14.22.18.2
io.projectreactor:reactor-coreProject Reactor Core3.4.113.4.41
org.apache.tomcat.embed:tomcat-embed-*Apache Tomcat9.0.819.0.98
org.yaml:snakeyamlSnake YAML1.332.3
commons-io:commons-ioApache Commons IO2.11.02.18.0
info.picocli:picocliPicoCLI3.9.64.1.4
com.typesafe:configTypesafe Config1.3.41.4.0
org.testcontainers:testcontainersTestContainers1.14.31.15.2
org.mockito.kotlin:mockito-kotlinMockito Kotlin2.0.0-alpha012.2.0
org.junit.jupiter:junit-jupiter-apiJUnit Jupiter API5.6.15.6.2
commons-codec:commons-codecApache Commons Codec1.131.14
  • CENM now supports JDK Azul 8u422 and Oracle JDK 8u421.
  • CENM now supports version 9.x of the Red Hat Enterprise Linux production operating system.
  • CENM now supports Ubuntu Linux production operating system versions 20.04, 22.04, 24.04.
  • CENM now supports the following databases:
    • Microsoft version: SQL Server 2022.
    • Oracle version: 23.4.
    • PostgreSQL versions: 12.19, 13.3, 13.15, 14.12, 15.7, 16.3.
  • CENM now supports the following node databases:
    • Microsoft version: SQL Server 2022.
    • PostgreSQL versions: 12.19, 13.3, 13.15, 14.12, 15.7, 16.3.

For more information about CENM dependencies, see CENM support matrix.

  • CENM 1.6 has been upgraded to use Corda 4.11, the latest Corda 4 release.
  • Two network parameters for ledger recovery with Corda 4.11 have been added:
    • recoveryMaximumBackupInterval
    • confidentialIdentityMinimumBackupInterval
  • CENM now supports JDK Azul 8u382 and Oracle JDK 8u381.
  • Updated Typesafe Config version from 1.3.1 to 1.4.0 for the CENM CLI tool.

This release includes the following dependency version changes between CENM 1.5.9 and 1.6:

  • Hibernate has been upgraded from 5.4.32.Final to 5.6.14.Final.

  • Hibernate Validator has been upgraded to 6.2.5.Final.

  • Apache Tomcat has been upgraded from 9.0.80 to 9.0.81.

  • Bouncy Castle has been upgraded from 1.68 to 1.75.

  • H2 has been upgraded from 1.4.197 to 2.2.214.

    H2 database has been upgraded to version 2.2.224 primarily to address vulnerabilities reported in earlier versions of H2. H2 is not a supported production database and should only be used for development and test purposes. For detailed information regarding the differences between H2 version 1.4.197 used in previous versions of CENM, and the new H2 version 2.2.224 implemented in CENM 1.6, see the H2 documentation. The most important differences are the following:

    • Entity naming

      H2 version 2.2.224 implements stricter rules regarding the naming of tables and columns within the database. The use of SQL keywords is no longer permitted.

    • Backwards compatibility

      H2 version 2.x is not backwards-compatible with older versions. Limited backwards compatibility can be achieved by adding MODE=LEGACY to the H2 database URL. For more information, go to the LEGACY Compatibility Mode section of the H2 Features page.

      H2 2.x is unable to read database files created by older H2 versions. The recommended approach for upgrading an older database involves exporting the data and subsequently re-importing it into a new version 2.x database. Further details on this process are outlined on the H2 Migration to 2.0 page.

  • Liquibase has been upgraded from 3.6.3 to 4.20.0.

    • Logging

      In this version of Liquibase, all INFO-level logging is directed to STDERR, while STDOUT is used for logging SQL queries. Utilities that have implemented their own database migration code that uses Liquibase can establish their custom logger to capture Liquibase’s informational logging. The Liquibase API provides classes that can be used to integrate custom loggers.

Previous
Certificate Revocation List
Next
Release packs and checksums

Was this page helpful?

Thanks for your feedback!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Chat with us
Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.

Learn how

We're sorry this page wasn't helpful. Let us know how we can make it better!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Chat with us
Create an issue

Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.

Create a new issue
Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.

Learn how