Description of changes:
The Hub VALIDATION and PRODUCTION environments are transitioning from the legacy Entrust-based certificates to the new CA structure managed by DirectTrust. These certificates are used to establish secure connectivity to Participant gateways, and also to (optionally) re-sign message headers when required to facilitate interoperability.
Scope:
VALIDATION
- On Wed 10/20 the change will be deployed to ALL of the eHealth Exchange Hub server instances in the VALIDATION environment.
PRODUCTION
- On Thu 10/21 the change will be deployed to ONE of the eHealth Exchange Hub server instances in the PRODUCTION environment. After the deployment eHx staff will monitor closely to determine if any Participants are experiencing issues when initiating or responding to this one migrated instance, and we will contact those Participants directly.
- On Thu 10/28 the change will be deployed to ALL of the remaining eHealth Exchange Hub server instances in the PRODUCTION environment.
Impact:
*** You should have already added the DirectTrust trust bundles (namely the EMR Direct and MaxMD root and intermediary certificates) into your trust stores and related network appliances such as traffic shapers, load balancers, gateways, firewalls, routers, etc. If you do not yet accept the new DirectTrust trust bundles in both your VALIDATION and PRODUCTION environments, then this Hub maintenance activity will be a breaking change.
We do not anticipate any other service interruptions during the maintenance event; Real-time routing of messages through the Hub will be unaffected.
Support:
eHealth Exchange staff will monitor administrator@ehealthexchange.org during the upgrade window to address any questions or concerns.
ADDITIONAL INFORMATION AND REMINDERS:
The eHealth Exchange Hub team has implemented a recurring weekly scheduled maintenance window each Thursday evening at 5:00pm ET for all non-urgent events. The duration of each maintenance event will be determined by the respective changes for each event, and details will be communicated out to all Participants at least 48 hours prior to the event. If there are no changes for any given week then the maintenance event will not occur, and no notice will be sent. Also please note that Operating System and similar updates that do not require a service outage, and do not require changes to the application layer, will be performed during this scheduled maintenance window without specific notice due to their frequent and routine nature.
