X-Road v7.4.0 Release Notes

XRDDEV-50

New

Make it possible to disable a subsystem temporarily on a Security Server. Disabling a subsystem temporarily enables the Security Server administrator to disable a subsystem so that all the services added under the subsystem cannot receive requests. If the same subsystem is registered on multiple Security Servers, disabling the subsystem on one Security Server doesn’t affect the others. Disabling a subsystem doesn’t change any configuration items regarding the subsystem or its services, it just makes the association between the Security Server and subsystem invisible to other Security Servers so that they cannot send requests to it. Similarly, a disabled subsystem cannot be used as a service client either.

Note 1: When a subsystem is disabled, all the services under it stop receiving service requests immediately. However, the Security Server may receive service requests targeted to the services under the disabled subsystem for a couple of minutes after a subsystem has been disabled until the change is propagated to all the Security Servers. In that case, the requests are not forwarded to the service provider information systems by the Security Server. Instead, all service requests received during that time period fail and an error message is returned to the service consumer.

Note 2: The Central Server Administrator must refresh the management services WSDL on the management Security Server(s) and configure access rights for the new management service.

XRDDEV-227

New

Make it possible to change the Security Server address in global configuration from the Security Server administrator UI and management REST API. The change is approved automatically by the Central Server, and it doesn’t require a manual approval from the Central Server administrator. By default, the change becomes visible to all the Security Servers in the ecosystem within a couple of minutes.

Note 1: When changing the Security Server address, the address visible on top of the Security Server UI is updated only after logging out and logging back in to the UI.

Note 2: The Central Server Administrator must refresh the management services WSDL on the management Security Server(s) and configure access rights for the new management service.

XRDDEV-445

Improvement

Replace the SHA-1 hashing algorithm with SHA-256. The change is fully backwards compatible and therefore, it doesn't apply to the authentication certificate hash in global configuration V2 and querying OCSP responses between the Security Servers.

XRDDEV-824

Improvement

Add support for enforcing new key creation when generating a certificate sign request (CSR) for authentication and signing keys on the Security Server. The feature is enabled by default which means that it’s not possible to generate a new CSR for a key that already has an existing certificate. The feature can be disabled by setting the proxy-ui-api.allow-csr-for-key-with-certificate system property to true on the Security Server.

XRDDEV-1203

New

Add support for managing the registration and management service TLS key and certificate using the Central Server UI and management REST API. Starting from version 7.4.0, the registration and management service TLS key and certificate can be recreated and downloaded using the Central Server UI and management REST API. Also, it's possible to create a certificate sign request (CSR) and upload a certificate issued by a trusted Certificate Authority (CA). The filenames are change from /etc/xroad/ssl/internal.key to /etc/xroad/ssl/management-service.key and from /etc/xroad/ssl/internal.crt to /etc/xroad/ssl/management-service.crt.

Note: When the key and certificate are rotated, and mTLS is enabled between the management Security Server and the management services, the new certificate must be updated to the management Security Server.

XRDDEV-1689

Improvement

Introduce updated version of the global configuration to support upcoming features. New global configuration version is V3. Also global configuration V2 remains supported for backwards compatibility. Security Servers older than version 7.4.0 use global configuration V2 while Security Servers starting from version 7.4.0 use global configuration V3. Global configuration V3 is extensible and it provides a capability to add new optional elements without breaking backwards compatibility.

XRDDEV-1983

Improvement

Update store names on the Security Server web interface to be in line with the recommended naming convention with Pinia.

XRDDEV-1997

Improvement

Introduce mapping groups to X-Road system groups to support central management of the Central Server and Security Server web interface users via LDAP. The Central Server and Security Server administrator user permissions are managed using X-Road-specific Linux groups that are mapped to X-Road user roles. An administrator must be a member of the X-Road-specific groups in order to access the management UI.

Starting from version 7.4.0, it’s possible to map additional Linux groups to X-Road user roles using the proxy-ui-api.complementary-user-role-mappings and admin-service.complementary-user-role-mappings system properties. It enables granting administrators permissions to the management UI using existing Linux groups instead of adding administrators to the X-Road-specific groups. For example:

/etc/xroad/conf.d/local.ini

More information about the properties is available in the X-Road System Parameters User Guide.

XRDDEV-1999

New

Make it possible to define what the minimum supported version of a communication partner's Security Server is allowed to be. Starting from version 7.4.0, service providers are able to configure a minimum required X-Road software version for client Security Servers. It means that client Security Servers older than the configured version are not able to access services anymore.

Service providers can configure the required minimum version using the proxy.server-min-supported-client-version system property. By default, the property doesn't have any value which means that a minimum version hasn't been set. Instead, when the value is set, all the minor and patch versions starting from the configured version are approved. More information about the property is available in the X-Road System Parameters User Guide.

X-Road Operators may set this value in the country-specific meta packages, e.g., Estonia and Finland are setting the value to three latest versions which means that requests that are originating from client Security Servers older than version 7.2.0 are not accepted anymore in the Estonian and Finnish X-Road ecosystems. The value is rolling which means that it changes for every X-Road minor version, e.g., when version 7.5.0 is released, the minimum supported version is 7.3.0.

XRDDEV-2028

Improvement

Improve the Security Server proxy components logging so that it logs a warning if it was unable to connect to a node of a clustered Security Server. Only log an error if connecting to all nodes failed.

XRDDEV-2263

Fix

Update the Central Server web interface from Vue 2 to Vue 3.

XRDDEV-2398

Fix

Improve timestamping service recovery on the Security Server so that it is able to correctly recover on all nodes of the cluster when the service becomes available again.

XRDDEV-2403

Improvement

Migrate ASIC container hash-chain verification utility from Ruby to JAVA.

XRDDEV-2412

Improvement

Improve signer components test coverage in preparation of migrating it to gRPC.

XRDDEV-2419

Fix

Deprecate old rate-limiting configuration parameters on the Security Server so that we only use one method for configuring them on both the Security Server and Central Server.

The deprecated parameters are:

• request.sizelimit.regular

• request.sizelimit.binary.upload

• ratelimit.requests.per.second

• ratelimit.requests.per.minute

The following parameters should be used instead:

• request-sizelimit-regular

• request-sizelimit-binary-upload

• rate-limit-requests-per-second

• rate-limit-requests-per-minute

Please see the System Parameters Guide for details.

XRDDEV-2440

Fix

Improve role checks on the Security Server frontend so that certain roles don't mistakenly try to request data they don't have access to.

XRDDEV-2441

Fix

Fix and issue on the Security Server frontend that caused the "Add localngroup" dialog to not correctly close in case of errors.

XRDDEV-2444

Fix

Fix potential replay attack issue with the initialization flow of the Central Server.

XRDDEV-2445

Fix

Fix localization issues on the Security Server and Central Server web interfaces.

XRDDEV-2455

Improvement

Make it possible to navigate from member details to Security Server details using the owned servers table in the Central Server web interfaces member details view.

XRDDEV-2456

Improvement

Allow the user to input more than 25 characters as the search criteria in the member and Security Server table views on the Central Server web interface.

XRDDEV-2457

Improvement

Improve the usability of filter fields on the Central Server web interface so that the user wouldn't need to double click the field to search.

XRDDEV-2461

Fix

Fix issue with the service client URL not being validated correctly when edited on the Security Server.

XRDDEV-2462

Fix

Fix issue where the add client service access rights default view would send the incorrect empty value for filtering.

XRDDEV-2463

Fix

Update the Security Server web interface from Vue 2 to Vue 3.

XRDDEV-2465

Improvement

Show a help text in the Security Server UI when the enforce-token-pin-policy property has been enabled and the strict PIN policy rules are enforced. The help text contains the rules so that the user knows what are the complexity requirements for the PIN code.

XRDDEV-2468

Improvement

Migrate the signer component interactions from Akka to gRPC.

Note: Any Akka-related system properties are not supported anymore starting from version 7.4.0, e.g., <component>.akka.remote.artery.advanced.maximum-frame-size. If Akka-related system properties have been used to override Akka's default configuration values, they should be manually removed from the configuration.

XRDDEV-2469

Improvement

Disable showing Liquibase banner during installations to make the installation output less cluttered.

XRDDEV-2470

Fix

Fix an issue that enabled registering Security Servers with duplicate codes on the Central Server under certain conditions.

XRDDEV-2472

Improvement

Introduce a safer way to add new unique constraints on existing database fields on the Central Server, which also runs checks to verify the state of the database beforehand.

XRDDEV-2474

Fix

Fix an issue that caused the new Central Server backups to exclude the Nginx configurations for management and registration services.

XRDDEV-2475

Fix

Fix an issue that caused the automatically re-created configuration anchor not to contain the new signing key after new signing key creation on the Central Server.

XRDDEV-2476

Improvement

Improve messagelog addons test coverage in preparation of migrating it to gRPC.

XRDDEV-2477

Improvement

Improve op-monitor addons test coverage in preparation of migrating it to gRPC.

XRDDEV-2478

Improvement

Improve proxymonitor addons test coverage in preparation of migrating it to gRPC.

XRDDEV-2479

Improvement

Improve environmental monitoring components test coverage in preparation of migrating it to gRPC.

XRDDEV-2480

Fix

Fix incorrect file name when downloading the Security Server's OpenAPI description via the API.

XRDDEV-2483

Fix

Fix an issue with the edit Security Server address field not showing the current address on the Central Server web interface.

XRDDEV-2485

Improvement

Migrate the proxymonitor and xroad-monitor addon interactions from Akka to gRPC.

Note: Any Akka-related system properties are not supported anymore starting from version 7.4.0, e.g., <component>.akka.remote.artery.advanced.maximum-frame-size. If Akka-related system properties have been used to override Akka's default configuration values, they should be manually removed from the configuration.

XRDDEV-2486

Improvement

Migrate the environmental monitoring component interactions from Akka to gRPC.

Note: Any Akka-related system properties are not supported anymore starting from version 7.4.0, e.g., <component>.akka.remote.artery.advanced.maximum-frame-size. If Akka-related system properties have been used to override Akka’s default configuration values, they should be manually removed from the configuration.

XRDDEV-2487

Improvement

Migrate op-monitor addong interactions from Akka to gRPC.

Note: Any Akka-related system properties are not supported anymore starting from version 7.4.0, e.g., <component>.akka.remote.artery.advanced.maximum-frame-size. If Akka-related system properties have been used to override Akka’s default configuration values, they should be manually removed from the configuration.

XRDDEV-2488

New

Introduce a way to include dynamic values in metapackage build process. Introduce automatic minimum supported version setting to the Estonian and Finnish metapackages syncing it with the minimum supported version of time of release.

XRDDEV-2490

New

Migrate X-Road components to JAVA 17. Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and RHEL8 platforms are migrated automatically from Java 11 to Java 17. Instead, the RHEL7 platform requires manual configuration steps.

The Java 17 installation instructions for RHEL7 are available in the Security Server Installation Guide for RHEL.

XRDDEV-2491

Fix

Update the Security Server and Central Server management services to Spring Boot 3.

As a part of the upgrade, bump the minimum supported PostgreSQL version to version 12. For the RHEL7 platform, a manual upgrade is required. The instructions for the migration are available in the Knowledge Base.

XRDDEV-2493

New

Make it possible to configure the Central Server to use HTTPS with a trusted CA for publishing global configuration.

A new private key and a self-signed TLS certificate are created automatically when installing a new Central Server or upgrading an existing installation from an older version. After the installation or upgrade, the Central Server Administrator is required to manually apply for a TLS certificate from a trusted Certificate Authority (CA) and then configure the certificate. More information about configuring a trusted TLS certificate is available here. This step is required, because the Security Server does not trust the new automatically generated self-signed certificate by default. The Security Server supports disabling certificate verification, but it is not recommended to disable it in production environments.

Starting from version 7.4.0, the global configuration will be available on the Central Server ports 80 and 443. The old HTTP endpoint on port 80 guarantees that older Security Servers that do not support downloading global configuration over HTTPS continue to work normally. Also, the new Security Servers that support downloading global configuration over HTTPS will fall back to HTTP if the TLS certificate of the new HTTPS endpoint is not properly configured.

Changes in the global configuration download ports may cause changes to firewall configuration on the Central Server since inbound traffic from the Security Servers to port 443 must be allowed.

Note: When upgrading the Central Server from version < 7.4.0 to version >= 7.4.0, the configuration anchor must be re-generated, distributed to all the Security Server administrators through an external channel (e.g., email) and imported to each Security Server to enable downloading global configuration over HTTPS. Without the new configuration anchor Security Servers will continue to download global configuration over HTTP.

XRDDEV-2494

New

Make it possible to configure the Configuration Proxy to use HTTPS with a trusted CA for publishing global configuration.

A new private key and a self-signed TLS certificate are created automatically when installing a new Configuration Proxy or upgrading an existing installation from an older version. After the installation or upgrade, the Configuration Proxy Administrator is required to manually apply for a TLS certificate from a trusted Certificate Authority (CA) and then configure the certificate. More information about configuring a trusted TLS certificate is available here. This step is required, because the Security Server does not trust the new automatically generated self-signed certificate by default. The Security Server supports disabling certificate verification, but it is not recommended to disable it in production environments.

Starting from version 7.4.0, the global configuration will be available on the Configuration Proxy ports 80 and 443. The old HTTP endpoint on port 80 guarantees that older Security Servers that do not support downloading global configuration over HTTPS continue to work normally. Also, the new Security Servers that support downloading global configuration over HTTPS will fall back to HTTP if the TLS certificate of the new HTTPS endpoint is not properly configured.

Changes in the global configuration download ports may cause changes to firewall configuration on the Configuration Proxy since inbound traffic from the Security Servers to port 443 must be allowed.

Note: When upgrading the Configuration Proxy from version < 7.4.0 to version >= 7.4.0, the configuration anchor must be re-generated, distributed to all the Security Server administrators through an external channel (e.g., email) and imported to each Security Server to enable downloading global configuration over HTTPS. Without the new configuration anchor Security Servers will continue to download global configuration over HTTP.

XRDDEV-2495

New

Make it possible for the Security Server to use global configuration provided by a new HTTPS endpoint that uses a TLS certificate issued by a trusted CA. By default, the Security Server tries to download the global configuration over HTTPS and verify the global configuration download endpoint's TLS certificate. If the verification fails or the HTTPS endpoint is not available for some other reason, the Security Server uses the old HTTP endpoint. Also, the Security Server supports disabling certificate verification, but it is not recommended to disable it in production environments.

The global configuration download TLS certificate verification can be enabled/disabled using the configuration-client.global_conf_tls_cert_verification property. Instead, the global configuration download hostname verification can be enabled/disabled using the configuration-client.global_conf_hostname_verification property. More information about the properties is available in the X-Road System Parameters User Guide.

Changes in the global configuration download ports may cause changes to firewall configuration on Security Server since outbound traffic to the Central Server and Configuration Proxy port 443 must be allowed.

Note: To enable downloading global configuration over HTTPS, a configuration anchor generated using the Central Server version 7.4.0 or later must be imported to the Security Server.

XRDDEV-2496

New

Add ACME server URL and IP address properties to CA entity's configuration in global configuration V3 schema. The new properties are not used for anything yet. Instead, they will be used by the ACME support scheduled for version 7.5.0.

XRDDEV-2498

Improvement

Migrate the messagelog addon interactions from Akka to gRPC.

Note: Any Akka-related system properties are not supported anymore starting from version 7.4.0, e.g., <component>.akka.remote.artery.advanced.maximum-frame-size. If Akka-related system properties have been used to override Akka’s default configuration values, they should be manually removed from the configuration.

XRDDEV-2502

Improvement

Improve the API key management security so that the user is only able to create API keys with the roles that they themselves have. Only a user with the “System Administrator” role is able to create API keys with the “Management Services” role.

XRDDEV-2512

Fix

Fix issue where adding management and registration service keys during Central Server installation could fail silently. Now a warning is logged if there was an issue.

XRDDEV-2519

Improvement

Add support for rotating global configuration sign keys on the Central Server without having to distribute a new version of the configuration anchor.

Starting from version 7.4.0, the Central Server sign keys are included in the global configuration. Thanks to this, rotating the sign keys is possible without importing a new version of the configuration anchor to each Security Server. Instead, the Security Server gets the sign key from the global configuration directly and applies it immediately. Importing the configuration anchor to the Security Server manually is also possible, but it's required only when the Security Server is initialised for the first time.

Note 1: When rotating the global configuration sign key, the new sign key must not be activated immediately. Instead, please wait for at least a couples of minutes before activating it so that there's enough time for the new sign key to be propagated to all the Security Servers. By default, the Central Server regenerates the global configuration files once per minute and the Security Servers download the global configuration once per minute. Therefore, it may take a couple of minutes before the new key has reached all the Security Servers. Also, if the default interval values have been changed, the required time may be longer.

Note 2: If a Security Server has been offline / turned off when the global configuration sign key has been rotated, an updated version of the configuration anchor including the new sign key must be manually uploaded to the Security Server.

Note 3: When federation is used, after rotating the global configuration sign key, a new configuration anchor must be generated, shared with the operators of federated X-Road ecosystems and uploaded to the federated ecosystems' Central Servers and Configuration Proxies. Otherwise, Security Servers registered to a federated ecosystem after the key rotation, do not trust the new key when they try to download the federated ecosystem's global configuration.

XRDDEV-2520

Improvement

Add support for publishing REST services using the OpenAPI 3.1 service description. The supported OpenAPI versions are now 3.0 and 3.1.

XRDDEV-2521

New

Change the default client information system inbound communication ports are from 80 to 8080 and from 443 to 8443 on Ubuntu-based Security Servers. In this way, the default ports are consistent regardless of the hosting operating system.

The change is applied to new installations only and existing installations are not affected by it. Also, if custom ports have been configured locally by the Security Server administrator, they are not affected.

X-Road Operators may set the default port values in the country-specific meta packages. The Estonian ecosystem continues to use ports 80 and 443 by default for new installations after the change.

XRDDEV-2525

Improvement

Add support for adding a new OCSP service without a certificate to the Central Server. If an OCSP service uses a certificate that's issued by the root certificate of the CA that the OCSP service is associated with and the root certificate is uploaded to the Central Server, uploading the OCSP service's certificate to the Central Server is not mandatory.

XRDDEV-2528

Fix

Set maximum length for the Security Server username and password.

XRDDEV-2529

Improvement

Implement the SameSite cookie on the Security Server.

XRDDEV-2531

Fix

Fix a problem that caused the Edit token view to crash on the Security Server when refreshing the page.

XRDDEV-2538

Fix

Update the /var/log/xroad/proxy_ui_api_access.log log file rolling policy so that the configuration is consistent with other Security Server components.

XRDDEV-2543

Fix

Minor fixes to Central Server permissions.

Java

11

17

Spring Boot

2.7.12

3.1.5

Jetty

9.4.51.v20230217

11.0.17

Tomcat

9.0.75

10.1.13

Hibernate

5.6.15

6.2.9

Log4j2

2.17.2

2.20.0

Akka

2.1.13

-

Akka was replaced with gRPC

gRPC

-

1.58.0

Vue

2.6.14

3.3.4

Vuetify

2.6.10

3.3.19

andresrosenthal

enelir

justasnortal

mikkbachmann

mloitm

ovidijusnortal

petkivim

raits

ricardas-buc

VPaliliunas

Bionic

^{deb https://artifactory.niis.org/xroad-release-deb focal-7.4.0 main}

Focal

^{deb https://artifactory.niis.org/xroad-release-deb jammy-7.4.0 main}

RPM / RHEL7

^{https://artifactory.niis.org/xroad-release-rpm/rhel/7/7.4.0/}

RPM / RHEL8

^{https://artifactory.niis.org/xroad-release-rpm/rhel/8/7.4.0/}

Docker

https://hub.docker.com/r/niis/xroad-security-server-sidecar

https://artifactory.niis.org/api/gpg/key/public

935CC5E7FA5397B171749F80D6E3973B

A01B FE41 B9D8 EAF4 872F A3F1 FB0D 532C 10F6 EC5B

Ubuntu key server

xroad-addon-hwtokens_7.4.0-1.ubuntu20.04_amd64.deb

774fd490720630c05ce8983f6b6ffa4f4c3ae8ddc6aa224f7947397d9db7afbc

xroad-addon-messagelog_7.4.0-1.ubuntu20.04_all.deb

f16fc78c945a54cd37fdb935686335373912f4c6ebd7ded2a99c26e3f1a3c366

xroad-addon-metaservices_7.4.0-1.ubuntu20.04_all.deb

b9c2cb716d41b034f39acaf8c78cc4329d62525a89c062ab6d63ec31b910252f

xroad-addon-opmonitoring_7.4.0-1.ubuntu20.04_all.deb

593ef8ed631696f6ca3290fc92edcaa21e5479a354eb269e76560313031dacbb

xroad-addon-proxymonitor_7.4.0-1.ubuntu20.04_all.deb

60d87312c12583c99c8351c529e53ffc5f4a64eb174205287ef6e71a9b6fa988

xroad-addon-wsdlvalidator_7.4.0-1.ubuntu20.04_all.deb

9137d9fce055250a538a3cf2e81b3f413862702736334aaf1c343466a5e182b8

xroad-autologin_7.4.0-1.ubuntu20.04_all.deb

a1ce304245cc6753e689cc6fee9cd63b54ddbe0d9919653af76a05761f2d3b37

xroad-base_7.4.0-1.ubuntu20.04_amd64.deb

2ff637432a5ea5ab1eac2487624426a241ffe82cfb617f954bf757b38c112481

xroad-center_7.4.0-1.ubuntu20.04_all.deb

fee129b0c0e1803df3310c28b25fb59aa7e1cd9f6b70e0bb2acb75b87f585938

xroad-center-management-service_7.4.0-1.ubuntu20.04_all.deb

4a16e6b77436d25cb76e1926c94ec4e597036d7e2cc303dce36358bf069363b0

xroad-center-registration-service_7.4.0-1.ubuntu20.04_all.deb

7a8b9762bd80ae15c42be51cc8438e5041f1b8e38bf7d6473467b58a4db1d4fe

xroad-centralserver_7.4.0-1.ubuntu20.04_all.deb

94d8f26c6b4bae3138ed4bb2b7fb52b98125d7e77acd3ad597eeb95e264d77c2

xroad-centralserver-monitoring_7.4.0-1.ubuntu20.04_all.deb

84acbabb33b6f6ca5cb4de0905a6644123770fa6f5df1d49fdb3114047299179

xroad-confclient_7.4.0-1.ubuntu20.04_amd64.deb

af15bc92e96d65c7025c38537d9547e260a62f682fd7240601a59744834dea56

xroad-confproxy_7.4.0-1.ubuntu20.04_all.deb

97d7e56a98ab7d32c5fd5b4b46027a09785215f26365a4021923c58d36007488

xroad-database-local_7.4.0-1.ubuntu20.04_all.deb

782b513d4b90b35b3329b0fe5bf166e6b1f8d898c7ad502fb57e4c1d18fbd98c

xroad-database-remote_7.4.0-1.ubuntu20.04_all.deb

012ae0456473a32cd57f2a0aff9a5fce760f8497dbc92f6d0700167b004cf698

xroad-monitor_7.4.0-1.ubuntu20.04_all.deb

85806822fe9f86294e481e178ee61cf693b3ec3607b34bfa2c43b403c6227133

xroad-nginx_7.4.0-1.ubuntu20.04_amd64.deb

b0d186e08940f9f31bdf2de9582879f16ea10a0e07edb482310afb2e5ff949fc

xroad-opmonitor_7.4.0-1.ubuntu20.04_all.deb

d90ee5a11cd590456a2924d5208ddb7c7143aea7d47d41c6ba46ce762b9ed1f5

xroad-proxy_7.4.0-1.ubuntu20.04_all.deb

b694f7f955e3999d40932d218ddd95b6953b54561fa6493841abf1c9eb54f4c9

xroad-proxy-ui-api_7.4.0-1.ubuntu20.04_all.deb

2afab8e473f7b37e23bd05b61f7ae41229346f92721f50537e87b5e52b167bbc

xroad-securityserver_7.4.0-1.ubuntu20.04_all.deb

54895d5f33e66ab45361883e1fc22d44b75f891d5ffe9a80cec62f05901cc3e2

xroad-securityserver-fi_7.4.0-1.ubuntu20.04_all.deb

1084f8fe7b51747a26039021dd31bc6c27e71968aa77a45c30cfcf53699df395

xroad-securityserver-ee_7.4.0-1.ubuntu20.04_all.deb

74b1faa66d1b4b3b5d9fdb731b9f857d1c5766f760c0d4ec05a08d983d6b934f

xroad-securityserver-is_7.4.0-1.ubuntu20.04_all.deb

355c836958b41655b36a4ddbada663a6abd9b56f33473b1241ee8fb084863adb

xroad-securityserver-fo_7.4.0-1.ubuntu20.04_all.deb

1f22f462268ae02187c8000f15e026cdd68afd9f65433c382930dc76c95fd899

xroad-signer_7.4.0-1.ubuntu20.04_amd64.deb

ca90a60cc8885863291e076c545360264fbb7c46a6b0aa2e778a56293a526e1a

xroad-addon-hwtokens_7.4.0-1.ubuntu22.04_amd64.deb

1cd33c2d3e2bbf928b135e6df5734fc439dca9f6e78f799daa396b3b94253517

xroad-addon-messagelog_7.4.0-1.ubuntu22.04_all.deb

62dd9af0404f5f6ed10ec640fb8093667e3a7132811275afd3e1f28adba59e89

xroad-addon-metaservices_7.4.0-1.ubuntu22.04_all.deb

67a23af243f099a4adbff28b8e8e69b75924ae2780d49372f448806ed0532515

xroad-addon-proxymonitor_7.4.0-1.ubuntu22.04_all.deb

e497a25c7887ddc6f449d7158e490e9cec00679862e2cc2727319fc840f4e657

xroad-addon-opmonitoring_7.4.0-1.ubuntu22.04_all.deb

354f48e4600bf5b07a24c743ad685387b7758431dedb4f9d0851d6edbf043e54

xroad-addon-wsdlvalidator_7.4.0-1.ubuntu22.04_all.deb

d69e0eb1625f3173e08ca463a09e108244413f6e8a994ab131fc9e3a6b32dfa5

xroad-autologin_7.4.0-1.ubuntu22.04_all.deb

d6664067b0c6064b8d996beec0ce33e0acbcc2854e07fdbb817412a130ea6903

xroad-base_7.4.0-1.ubuntu22.04_amd64.deb

eeb1c63902180bbadca0b6c7f65ceb462df4ec301dafc0f2b0385a61837e26da

xroad-center_7.4.0-1.ubuntu22.04_all.deb

84c26417efe68e12f623617c9aaae570247b09af509e2851840dabdf3072564b

xroad-center-management-service_7.4.0-1.ubuntu22.04_all.deb

a0fa3db9b55b2b10bcb3d1a75b5df0881e37ed9f634aa8125b33b16cc28fc6a7

xroad-center-registration-service_7.4.0-1.ubuntu22.04_all.deb

f219165c4e029619975d26e8647fff96daf04d079472c71f2a9b4fd58f6f71f9

xroad-centralserver-monitoring_7.4.0-1.ubuntu22.04_all.deb

ad8e3d9f0bafa1199eae80fed8efb58cc4b64c8636b74e5db4315898c0a9f79c

xroad-centralserver_7.4.0-1.ubuntu22.04_all.deb

10c0f8e7210366c926573c9f08553d7dd14eb4049a107e22a6e14ef3beb668f1

xroad-confclient_7.4.0-1.ubuntu22.04_amd64.deb

d2aedbbc035394061367bc900df53ba22b0b402a83d403c94e5b949ace5cbc2f

xroad-confproxy_7.4.0-1.ubuntu22.04_all.deb

0668e94290b72d2decbd3a4ca6fa4fb3c56d2475b671ef738037f32358a07c91

xroad-database-local_7.4.0-1.ubuntu22.04_all.deb

a60a885a81650dc7d34e6fa4c3555dd849a838a49f4bd028f40ace95e0783217

xroad-database-remote_7.4.0-1.ubuntu22.04_all.deb

397950938967cffc2b85e66516375543b253c429fcc3990595aefe43ff47e938

xroad-monitor_7.4.0-1.ubuntu22.04_all.deb

6483b9991697ac6e2456b144a55c5df81d9e60662dfb463acafc736c30a20bcf

xroad-nginx_7.4.0-1.ubuntu22.04_amd64.deb

f9135a8ad23e2e556952f66b067b065c11aca8d7ae4f76be62d475034f77fe40

xroad-opmonitor_7.4.0-1.ubuntu22.04_all.deb

9e6e2cd6135efa9ef55daa6df631c4ca7bec8648b742e2549bff6f37512c8e5c

xroad-proxy_7.4.0-1.ubuntu22.04_all.deb

403b25c3ce4d3e766818ec15afcd4b04eb15d39607771182ce39ede8d8c4cc7a

xroad-proxy-ui-api_7.4.0-1.ubuntu22.04_all.deb

c3c9e0fd6e102975e8579fbdb8be7ba76aadda41782f09e778d958efebec290b

xroad-securityserver_7.4.0-1.ubuntu22.04_all.deb

ede66ecab297e5249e743c68557876e619464f9825e3c36fbb4786bbe4b7e967

xroad-securityserver-fi_7.4.0-1.ubuntu22.04_all.deb

3e8910d4efd2bfdb4f9bd79abc7c69f9fb7925089fae94ef3aa65b2174c1411a

xroad-securityserver-ee_7.4.0-1.ubuntu22.04_all.deb

42f652a57c51d0b61923d8e4d3d019307ed5c8749d1ad7c92b78a50b65bea86e

xroad-securityserver-fo_7.4.0-1.ubuntu22.04_all.deb

2822ca3085741172da59a192e87ecc1dd5049be7f8c06e1508b6500d004cf4b7

xroad-securityserver-is_7.4.0-1.ubuntu22.04_all.deb

3edb9cd61f865c098a5095544778077a2714d5ffe41ac7d1c6cbf308df0ee472

xroad-signer_7.4.0-1.ubuntu22.04_amd64.deb

e5ce6579b329cd0ec3ea3639fe288189ec50275176b64713c175551433b67e49

xroad-addon-messagelog-7.4.0-1.el7.x86_64.rpm

d901aa27e89726f6fe6fc765c93d25860c4639a104d745fa15e824a5c18d116b

xroad-addon-metaservices-7.4.0-1.el7.x86_64.rpm

5c5166e225f4dcd98d6d0038a518f40ff98843918e4ee567e203bc3baa6455ce

xroad-addon-opmonitoring-7.4.0-1.el7.x86_64.rpm

1066ff2bc2fa251782f1b3ab2862babecc009f00e4dc336c2eb54538c7459d92

xroad-addon-proxymonitor-7.4.0-1.el7.x86_64.rpm

e7ca53ef508d0111c5f6f56375be3a2251e33398fcd8284a0d58886d1296eb0a

xroad-addon-wsdlvalidator-7.4.0-1.el7.x86_64.rpm

545d91913738187403b49fe6c8e65ab21f5a799fa39f802b805efb1fb937633b

xroad-autologin-7.4.0-1.el7.noarch.rpm

fb087f087e430b7bac68d22ee5d5b4a65f427b8d106c66a3a2c5d430efc88080

xroad-base-7.4.0-1.el7.x86_64.rpm

e4c851b92f123cae912e03aa1832c1a5b4a5b7839cf2d9a633ea3962eb9b7fdb

xroad-confclient-7.4.0-1.el7.x86_64.rpm

f3e98c77422da93c13eabc0fc7dc9d5905fee425f93cbd0c02a668f35158ef4b

xroad-database-local-7.4.0-1.el7.noarch.rpm

c23b39b684d8ff9076983061698155db779b790b6baa7db1bcf5e20079dff816

xroad-database-remote-7.4.0-1.el7.noarch.rpm

d01435bc9d6f94a75e1ad92711caafdbefe9b5dcc98079e5465efcc893088de0

xroad-monitor-7.4.0-1.el7.x86_64.rpm

2d73108331a98cfa5b656705ff743e942eb471f3ea0ac570dcfc576395a07b51

xroad-opmonitor-7.4.0-1.el7.x86_64.rpm

440cb738f695f9a3318c7f3eda2070f0612232c06eb91e681b3ab20a92df809e

xroad-proxy-7.4.0-1.el7.x86_64.rpm

5642b62324ffd0c594179133344320e39929f2fab03106006a8801e22f645b81

xroad-proxy-ui-api-7.4.0-1.el7.x86_64.rpm

ccfc677da1e1579f6adb51312e409aea25e7b383311c3a689bdc9d83b79e3640

xroad-securityserver-7.4.0-1.el7.noarch.rpm

7b6a85e90b319c83e2b4417880ed345cd78a8cec138614ef6a866d426b838649

xroad-securityserver-fi-7.4.0-1.el7.noarch.rpm

2deb2bd640e324b671807153520c3b79b382c224aa13fe9cc9ba8914e7f6a1e3

xroad-securityserver-fo-7.4.0-1.el7.noarch.rpm

179e5e0e2f6c5578f3f6f8f14c2daca7d3b62cb92b362c87dd9015e177078e71

xroad-securityserver-is-7.4.0-1.el7.noarch.rpm

0b9524b2be53309cc9d7791881f61c21ef3367161d106eb80261034b7c8d4c09

xroad-signer-7.4.0-1.el7.x86_64.rpm

0af14a4efbfa294c806a3117ea1d1cb9646856ae6eabeb56f86b7df3fb627eb2

xroad-addon-messagelog-7.4.0-1.el8.x86_64.rpm

9732dd84be6e2d68f63f25dee75560651d61d9bdde4965fa212750f7030dceaa

xroad-addon-metaservices-7.4.0-1.el8.x86_64.rpm

35bbfd3652e722bb7f5defc296dec09f326fdabb9f68c813516445c927dc31c6

xroad-addon-opmonitoring-7.4.0-1.el8.x86_64.rpm

687cad26ce705f6b997638427202a8bd7eb667f0943f1f3c00c226c40799ec64

xroad-addon-proxymonitor-7.4.0-1.el8.x86_64.rpm

758056b6af06f5efbbd542d288ecc0f4b015a4c483dbf7935a8f37778a4c1ecf

xroad-addon-wsdlvalidator-7.4.0-1.el8.x86_64.rpm

39f019af7fb841433640c7905c370056f687ba997a5e47cd4365875362d6f8ee

xroad-autologin-7.4.0-1.el8.noarch.rpm

77c3c42329d8e870cfa565fe7692cf40a8ab670681e852e778b7e464e176523c

xroad-base-7.4.0-1.el8.x86_64.rpm

d3a77a4559943c6e07ebcf63f60971ef8693833bc26a250471c1148cbaf0beeb

xroad-confclient-7.4.0-1.el8.x86_64.rpm

b39ba9c9874d543e4567f7ace46ee3dec8676576e7a0b1170bc2aafd7a1d063d

xroad-database-local-7.4.0-1.el8.noarch.rpm

7ab2696c24ac0313b415f45442ea2f590e0a58f45170455d2201d93e80ac5ac3

xroad-database-remote-7.4.0-1.el8.noarch.rpm

aa5fd4650ce84bf748e65d98ee8a140a38dd18b6d643ad47dac4a676d2ea58e3

xroad-monitor-7.4.0-1.el8.x86_64.rpm

6e74668b491d731fc139dc66d432eb98538da6d57e3beac3ff5396941e2b2234

xroad-opmonitor-7.4.0-1.el8.x86_64.rpm

5deb4f8cb4cbdd1743321436c87c1ae5d3e4c4f53f6f0db9c1c84452dcb073cf

xroad-proxy-7.4.0-1.el8.x86_64.rpm

1c969f31d00b2e03eff1b55abf245225a268d385a40d0d9796cac69a65fc28a4

xroad-proxy-ui-api-7.4.0-1.el8.x86_64.rpm

3b503dc59515a5b7621db72f9f5723b6c22f4537491e879f09d0ffae463e0b61

xroad-securityserver-7.4.0-1.el8.noarch.rpm

c597905efbf8f0e2091a9308d34f72d17de464b51353619106fc95746bcfc5f8

xroad-securityserver-fi-7.4.0-1.el8.noarch.rpm

82777982f4373852e463096f9c5a06afe750e2319da4049ef8e4c3bfec2ae6d3

xroad-securityserver-fo-7.4.0-1.el8.noarch.rpm

7d124b112c6091b006e8e30802d9bd80ffd54ab1961218f59f8b92fdcfb40c3d

xroad-securityserver-is-7.4.0-1.el8.noarch.rpm

4b802efbceee6e5126687b6a0e91da9e0050a33368d5277fb2d98eb203a857d8

xroad-signer-7.4.0-1.el8.x86_64.rpm

0bc2fc2d90acca2069d8311c9b1283a47db28dbe3d45aa43666b621b4a9f7827