I’m happy to announce the general availability of Corda Enterprise 4.2 to our customers. 4.2 continues R3’s leadership, and commitment, to enterprise grade blockchain capabilities.
Further support for Hardware Security Modules
Our main focus with this release is to continue work on securing the cryptographic keys using hardware security modules typically found in enterprise environments. In Corda 4.0 we introduced the ability to store signing keys in an HSM. In this release we add the ability to store the other key types in a participant node. These include keys related to the TLS (transport layer security) as well as confidential identity keys.
Note that confidential identities may result in a significant number of key pairs being generated by the node. HSMs handle this in different ways so it is important to select the HSM that best fits your intended deployment architecture.
We also have added additional HSMs requested by our customers including Securosys. We are continuing work to ensure all our HSMs support all three key types, so please check the HSM support list to determine the support level for your HSM including model and firmware versions.
We’ve also added a smaller set of improvements in this release that you can take advantage of. Operational capabilities of the node is a key focus of our work as we see more instances Corda Enterprise being deployed into production systems. Improvements include:
- Logging improvements for the HSM and vault to give more insights into what is happening in the node.
- A notary registration tool that assists in distribution of a shared key among the nodes of a notary cluster.
- Corda firewall deployment improvements. The firewall can check CRLs (certificate revocation lists) to ensure it does not connect to unlisted nodes.
- Flow management improvements with the checkpoint tool which outputs information about flows currently running on a node.
As always, you can get a full breakdown of what is in this release from the release notes. Be sure to select the correct release number from the navigation. If you have priorities that you want to ensure are reflected in our product roadmap feel free to notify our Product Management team at firstname.lastname@example.org