X-tee Security Server software repositories:

TESThttp://x-tee.ee/packages/test/xroadWe recommend using this repository for X-tee development (ee-dev) and test (ee-test) environments if you want early access to the latest X-Road version and to make sure that newer software works without errors.

Stable and tested release. Production ready.

Official installation instructions for the newest version: https://x-tee.ee/docs/live/xroad/ig-ss_x-road_v6_security_server_installation_guide.html

The Security Server updating process depends on which version is currently in use on the Security Server.

Upgrading the security server from the previous version to the latest version

sudo apt update
sudo apt install xroad-securityserver-ee

# All X-Road packages should be with dpkg prefix "ii"
dpkg -l | grep xroad

# last do a general OS upgrade
sudo apt dist-upgrade

My security server is version 6.26

Upgrading to version 7.0.0 can only be done from version 6.26.0

As of version 6.26, it is necessary to use AdoptOpenJDK 8 software instead of the regular OpenJDK 8, as  OpenJDK 8 is not supported since April 2021.

To install it, you need to complete the AdoptOpenJDK installation guide .

I have a Security Server with a previous software version 6.22.x, 6.23.x, 6.24.x or 6.25.x

Please upgrade your security server to 6.26.0. To update the security server, you must update the APT repo and install version 6.26.0. Don't forget to update your operating system yourself! As of version 6.25.0, Ubuntu 20.04 (focal) support has been added.

sudo apt update

# The next long command needs to be entered in its entirety
sudo apt install -y xroad-securityserver-ee = 6.26.0-1.ubuntu18.04 xroad-securityserver = 6.26.0-1.ubuntu18.04 xroad-addon-opmonitoring = 6.26.0-1.ubuntu18.04 xroad- proxy = 6.26.0-1.ubuntu18.04 xroad-opmonitor = 6.26.0-1.ubuntu18.04 xroad-addon-metaservices = 6.26.0-1.ubuntu18.04 xroad-addon-messagelog = 6.26.0-1 .ubuntu18.04 xroad-addon-proxymonitor = 6.26.0-1.ubuntu18.04 xroad-addon-wsdlvalidator = 6.26.0-1.ubuntu18.04 xroad-base = 6.26.0-1.ubuntu18.04 xroad-confclient = 6.26.0-1.ubuntu18.04 xroad-proxy-ui-api = 6.26.0-1.ubuntu18.04 xroad-nginx = 6.26.0-1.ubuntu18.04 xroad-signer = 6.26.0-1. ubuntu18.04 xroad-monitor = 6.26.0-1.ubuntu18.04 xroad-addon-hwtokens = 6.26.0-1.ubuntu18.04

# It is necessary to mark packages as installed automatically, otherwise there will be a manual flag for them
sudo apt-mark auto xroad-securityserver xroad-addon-opmonitoring xroad-proxy xroad-opmonitor xroadaddon-metaservices xroad-addon-messagelog xroad-addon-proxymonitor xroad-addon-wsdlvalidator xroadbase xroad-confclient xroad-proxy-ui-api xroad nginx xroad-signer xroad-monitor xroad-addon-hwtokens xroad-addon-metaservices xroad-base

Some X-Road packages are in the state "rc" others "ii"

Since v6.24.0 xroad-jetty9 and xroad-nginx packages aren't used any more. They can be removed using "apt purge package-name"

$ dpkg -l | grep xroad
ii  xroad-addon-messagelog           6.24.0-1.ubuntu18.04                all          X-Road AddOn: messagelog
ii  xroad-addon-metaservices         6.24.0-1.ubuntu18.04                all          X-Road AddOn: metaservices
ii  xroad-addon-opmonitoring         6.24.0-1.ubuntu18.04                all          X-Road AddOn: operations monitoring service
ii  xroad-addon-proxymonitor         6.24.0-1.ubuntu18.04                all          X-Road AddOn: proxy monitoring metaservice
ii  xroad-addon-wsdlvalidator        6.24.0-1.ubuntu18.04                all          X-Road AddOn: wsdlvalidator
ii  xroad-base                       6.24.0-1.ubuntu18.04                amd64        X-Road base components
ii  xroad-confclient                 6.24.0-1.ubuntu18.04                amd64        X-Road configuration client components
rc  xroad-jetty9                     6.23.0-1.ubuntu18.04                all          Jetty9 for X-Road purposes
ii  xroad-monitor                    6.24.0-1.ubuntu18.04                all          X-Road monitoring service
rc  xroad-nginx                      6.23.0-1.ubuntu18.04                amd64        X-Road nginx component
ii  xroad-opmonitor                  6.24.0-1.ubuntu18.04                all          X-Road operations monitoring daemon
ii  xroad-proxy                      6.24.0-1.ubuntu18.04                all          X-Road security server
ii  xroad-proxy-ui-api               6.24.0-1.ubuntu18.04                all          X-Road proxy UI REST API
ii  xroad-securityserver             6.24.0-1.ubuntu18.04                all          X-Road security server
ii  xroad-securityserver-ee          6.24.0-1.ubuntu18.04                all          X-Road security server with Estonian settings
ii  xroad-signer                     6.24.0-1.ubuntu18.04                amd64        X-Road signer component

# to removesudo apt purge xroad-jetty9 xroad-nginx

The first two letters in the list of available packages indicate the status of the installation:

  • "ii" means that the package is installed correctly
  • "rc" indicates that the package has been removed from the server and only its configuration files (conf) remain

All X-Road packages in the "rc" state can be safely removed with the command:

sudo apt purge xroad-jetty9 xroad-nginx

NB: Version 6.24 also changes the structure of security server URLs due to the addition of the # symbol. For example: https://internalAddress:4000/#/clients.

The easiest way to access the admin interface is through port 4000: https://internalAddress:4000. This will take you to the correct address.

My Security Server version is 6.21.x. Using Ubuntu 18

The Security Server must be upgraded to at least version 6.22.1 or 6.23.0 with the command below (the version number can be changed in the command). If the intermediate upgrade is successful, you can use the general upgrade command from the first point.

sudo apt update

# This command must be entered as one line
sudo apt install -y xroad-securityserver-ee=6.23.0-1.ubuntu18.04 xroad-securityserver=6.23.0-1.ubuntu18.04 xroad-addon-opmonitoring=6.23.0-1.ubuntu18.04 xroad-proxy=6.23.0-1.ubuntu18.04 xroad-opmonitor=6.23.0-1.ubuntu18.04 xroad-addon-metaservices=6.23.0-1.ubuntu18.04 xroad-addon-messagelog=6.23.0-1.ubuntu18.04 xroad-addon-proxymonitor=6.23.0-1.ubuntu18.04 xroad-addon-wsdlvalidator=6.23.0-1.ubuntu18.04 xroad-base=6.23.0-1.ubuntu18.04 xroad-confclient=6.23.0-1.ubuntu18.04 xroad-jetty9=6.23.0-1.ubuntu18.04 xroad-confclient=6.23.0-1.ubuntu18.04 xroad-nginx=6.23.0-1.ubuntu18.04 xroad-signer=6.23.0-1.ubuntu18.04 xroad-monitor=6.23.0-1.ubuntu18.04 xroad-addon-hwtokens=6.23.0-1.ubuntu18.04

# add auto flag for future upgrades
sudo apt-mark auto xroad-securityserver xroad-addon-opmonitoring xroad-proxy xroad-opmonitor xroadaddon-metaservices xroad-addon-messagelog xroad-addon-proxymonitor xroad-addon-wsdlvalidator xroadbase xroad-confclient xroad-jetty9 xroad-confclient xroad-nginx xroad-signer xroad-monitor xroad-addon-hwtokens

My Security Server still uses the old Ubuntu 14

Ubuntu 14 support ended in April 2019, so Ubuntu 18 must be deployed on the Security Server. Intermediate versions of Ubuntu are not supported by X-Road software.

When upgrading, it is very important to follow the upgrade sequence in the guide:

  1. Owners of software older than 6.21 must upgrade the Security Server software to 6.21.1 or 6.21.2:

    1. Add the missing line to the file: /etc/apt/sources.list.d/xroad.list

      deb http://x-tee.ee/packages/test/xroad trusty main
    2. Remove the lines that contain http://x-road.eu/
    3. Update the repository key

      curl https://x-tee.ee/packages/xroad_repo.gpg | sudo apt-key add -
      sudo apt-get update
    4. First, upgrade PostgreSQL. (PostgreSQL v9.4 users can use „postgresql-9.4“ in the command)

      sudo apt-get install postgresql-9.3 --only-upgrade
    5. Install the new software

      sudo apt-get dist-upgrade
  2. I'm installing a new Ubuntu 18 or upgrading to the current 18th version:
    1. Security Server Ubuntu 14.04 to 18.04 Upgrade Using a Configuration Backup: https://x-tee.ee/docs/live/xroad/XTEE-SecurityServerUbuntu14.04to18.04UpgradeUsingaConfigurationBackup.pdf
    2. Security Server Ubuntu 14.04 to 18.04 In-place Upgrade: https://x-tee.ee/docs/live/xroad/XTEE-SecurityServerUbuntu14.04to18.04In-placeUpgrade.pdf

We recommend that you choose option a, so you can use your existing Ubuntu 14 to exchange data until you upgrade to a new Ubuntu 18 machine in the background.