What's New in the November 2021 Payara Platform Release?

Photo of Rudy De Busscher by Rudy De Busscher

The November 2021 Payara Platform release is here!  Payara Platform Enterprise 5.33.0 includes 4 improvements, 4 bug fixes, and 2 component upgrades. The Payara Platform Community 5.2021.9 release offers 11 improvements, 6 bug fixes, and 11 component upgrades. 

You can download Payara Platform Community 5.2021.9here and request Payara Platform Enterprise 5.33.0 here. 

Read more below to learn more about the highlights of this release.

JDK 17 Support for Payara Server in Community Edition

We have updated the Payara code and dependencies so that Payara Server Community 5.2021.9 now runs on a JDK 17 version. We are still performing all our extended test suites before we put it in the Enterprise version as we want to ensure it is stable first. We recommend everyone interested in running on JDK 17 test this version in your own test environments and to report any issues you might encounter.

Support for systemD on Linux

Payara Server can be configured to start when the Operating System starts by defining it as a Service. In this release, we have added support for systemD on the Linux Operating System together with the existing systemV support we already provided.

The command to create a service for the Payara Server or instance stays the same;

./asadmin create-service <domain-name>

The command detects if the systemD is available and creates the necessary files to have Payara as a service on the machine. If systemD is not detected, it falls back to the older systemV solution we provided in the past.  You can also force one of the two systems by specifying the parameter system-type.

./asadmin create-service --system-type systemd <domain-name>

./asadmin create-service --system-type systemv <domain-name>

Besides Linux, we also support creating services on the Windows Operating system.

Option to use a Specific SSL Certificate for JAX-RS Client Connections

In most situations, it is enough to define that you want to use the SSL protocol if you want to connect to a remote endpoint that uses the secure protocols. When you are using the Jakarta Rest Client or the MicroProfile Rest Client features, defining https ensures that the certificate of the remote endpoint (server certificate) is verified and encryption of the data exchanged between the services is performed.

In some cases, you also need to provide a client certificate so the remote endpoint can verify that the client is allowed to perform the requested operation. In this November release, we have provided the possibility to specify a certificate alias that is included in the Payara TrustStore, or one of the additional TrustStores that you have defined. The certificate is then supplied to the remote endpoint for verification. This functionality is a Payara-specific addition to the Jakarta Rest Client and MicroProfile Rest Client implementations developed for the Payara Platform, and is not currently found in other implementations.

When using the JAX-RS client builder, you can use:

ClientBuilder.newBuilder()
.property(PayaraConstants.JAXRS_CLIENT_CERTIFICATE_ALIAS, "mykey")
.build();

 

Or the equivalent construct when you use The MicroProfile Rest Client specification:

RestClientBuilder.newBuilder()
.baseUri(apiUri)
.property(PayaraConstants.REST_CLIENT_CERTIFICATE_ALIAS, "mykey")
.build(MyServiceClient.class);

 

You can also define the certificate alias using a MicroProfile Config parameter when you use the interface option to define the remote endpoint functionality.

com.mycompany.remoteServices.MyServiceClient/payara/certificate.alias=mykey

Removed TLS1.0 and TLS1.1 Support within Docker Images

The Java version within the Docker images is upgraded to JDK 8 update 312 and JDK 11.0.13. Within these updates, the TLS protocols 1.0 and 1.1 are disabled as they are not considered safe anymore.

This does not impact your applications in most cases.  Payara Server and Payara Micro can still handle https connections and the code running on them can still call remote endpoints using the TLS protocol. 

In some rare situations, you can encounter an issue when the client that connects to your endpoints forces the version that is no longer available. The same can happen when you create a Socket and specify that TLS 1.0 or TLS 1.1 must be used.

Removed Unused Logging Options

The fields UserId and ECid are removed from the logging system as they were not used by Payara (we inherited them from GlassFish). But, since they only report a JVM system property we decided to remove them as they are not useful.

Release Notes

The November 2021 Payara Enterprise Release (request here) includes 4 improvements, 4 bug fixes, and 2 component upgrades, while the Community Release (direct download here) includes 11 improvements, 6 bug fixes, and 11 component upgrades. 

See more detailed overview of the fixes and improvements in the Release Notes:

Comments