MID Server Governance

  • Release version: Yokohama
  • Updated January 30, 2025

    Improve MID Server security by setting an automatic timeout to invalidate and shut down inactive MID Servers. You can enable this feature and set the inactivity timeout period globally and for each MID Server.


    Overview of MID Server Governance

    MID Server Governance prevents forgotten MID Servers connected to ServiceNow instances from being utilized if the instance is compromised. MID Server Governance keeps a record of the last status change of the MID Server validation/invalidation process.

    This feature is not enabled by default, and is available out-of-the-box as part of the MID Server plugin. Once enabled, MID Server authentication is expired after a predetermined period of inactivity unless explicitly configured to never expire.

    Enable and Configure MID Server Governance

    To enable MID Server Governance for all MID Servers, set the true/false system property mid.inactivity.timeout.enabled to true. This property is not defined by default. Specify the global inactivity timeout with the integer system property mid.inactivity.timeout.days, which gives the timeout in days. The default timeout is 30 days if unspecified.

    You can override the timeout for a particular MID Server by specifying mid.inactivity.timeout.days as a configuration parameter on that MID Server. A timeout value of 0 disables MID Server Governance on that MID Server. Therefore, you can set a global timeout and also change or disable timeouts for certain MID Servers.

    You do not need to restart the MID Server after changing the Governance configuration. Governance works with either basic or mutual authentication.

    Activity Tracking

    The MID Server analyzes activity by tracking incoming and outgoing ECC queue messages. Once per hour, the MID Server reports the last activity to the instance, where it is stored in the ecc_agent record, and checks whether the inactivity timeout has been reached. If the inactivity timeout has been reached and the MID Server is up, the MID Server is invalidated and shuts down. If the timeout is reached when the MID Server is down, a job on the instance determines if the MID Server is idle and invalidates it on the instance.

    When a MID Server is approaching the auto-invalidation timeout due to inactivity, the MID Server page displays one of the following messages:
    • An info message when 3-7 days remain before the inactivity timeout.
    • An error message when less than 3 days remain before the inactivity timeout.

    After a MID Server has been auto-invalidated, an error message is displayed indicating the date the MID Server was auto-invalidated.
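The configuration and activity rules above can be modeled to audit a fleet for MID Servers that are exempt from Governance or close to auto-invalidation. This is an added example, not ServiceNow code: the record fields (name, lastActivity, overrideDays), the state labels, the use of fractional days, and the choice to treat an unset global switch as "off" even when a per-MID override exists are all assumptions.

```javascript
// Added example: models the Governance rules described on this page; not ServiceNow code.
// The record fields name, lastActivity and overrideDays are assumptions for this sketch.
const DAY_MS = 24 * 60 * 60 * 1000;
const DEFAULT_DAYS = 30; // documented default when mid.inactivity.timeout.days is unset

// Per-MID configuration parameter wins over the global system property.
function effectiveTimeoutDays(props, mid) {
  const raw = mid.overrideDays ?? props['mid.inactivity.timeout.days'] ?? DEFAULT_DAYS;
  if (!/^\d+$/.test(String(raw))) throw new Error(`bad timeout for ${mid.name}: ${raw}`);
  return Number(raw);
}

// Classify one MID Server using the thresholds the page gives for its messages.
function governanceStatus(props, mid, now) {
  // The enabling property is undefined by default, so anything but "true" means off.
  if (String(props['mid.inactivity.timeout.enabled']) !== 'true') {
    return { name: mid.name, state: 'off' };
  }
  const timeout = effectiveTimeoutDays(props, mid);
  if (timeout === 0) return { name: mid.name, state: 'exempt' }; // 0 disables Governance
  const remaining = timeout - (now - Date.parse(mid.lastActivity)) / DAY_MS;
  let state = 'ok';
  if (remaining <= 0) state = 'timeout-reached'; // due for auto-invalidation
  else if (remaining < 3) state = 'error';       // less than 3 days remain
  else if (remaining <= 7) state = 'info';       // 3-7 days remain
  return { name: mid.name, state, timeout, remaining };
}

function auditFleet(props, fleet, now) {
  return fleet.map((mid) => governanceStatus(props, mid, now));
}

// Constructed sample data, not taken from a real instance.
const sampleProps = {
  'mid.inactivity.timeout.enabled': 'true',
  'mid.inactivity.timeout.days': '14',
};
const sampleNow = Date.parse('2025-01-30T00:00:00Z');
const sampleFleet = [
  { name: 'mid-a', lastActivity: '2025-01-29T00:00:00Z' },
  { name: 'mid-b', lastActivity: '2025-01-20T00:00:00Z' },
  { name: 'mid-c', lastActivity: '2025-01-18T00:00:00Z' },
  { name: 'mid-d', lastActivity: '2025-01-10T00:00:00Z' },
  { name: 'mid-e', lastActivity: '2024-06-01T00:00:00Z', overrideDays: '0' },
  { name: 'mid-f', lastActivity: '2025-01-10T00:00:00Z', overrideDays: '30' },
];
console.table(auditFleet(sampleProps, sampleFleet, sampleNow));
```

The 'exempt' rows are the ones worth reviewing by hand, since a timeout of 0 removes that MID Server from automatic invalidation entirely.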

    Clearing the auto-invalidated state

    After a MID Server has been auto-invalidated, the auto-invalidated status must be manually cleared in order to bring the MID back up successfully. The MID Server shuts down immediately if it is restarted without clearing this state. In addition, a MID issue will be logged indicating this occurrence.

    The auto-invalidated state of a MID Server can be cleared by selecting the Clear auto invalidated UI action from the MID Server instance page. After invoking this UI action, the user should start their MID Server and continue with the usual validation process.

    Purpose field

    The purpose is a text field that the customer can update at any point to indicate the intended usage for the MID Server. This field is purely descriptive and has no further interactions.