mendelson OFTP2 2024 released

Jan
02
2024
2
min read
A- A+
read
By development
mendelson OFTP2

mendelson OFTP2 2024 released

What is new

  • Added the ability to automatically detect the mail server settings based on the specified notification mail address<
  • The underlying database structure has been prepared to support client authorization (RFC 6749 4.4) in the OAuth2 plugin - this will be added to SMTP if required
  • Added a new dialog to automatically determine the mail server configuration if you only know the recipient mail address for setting up the notification mail
  • Client improvements: Added a notification badge for configuration issues in the status bar, set up UI scaling of the list of configuration issues
  • Revision of the import/export functions of the certificate manager
  • Certificate Manager: It is no longer possible to expand parts of the trust path tree by double-clicking
  • New icons in the certificate manager
  • When changes are made to incoming port listeners, the bound TLS key alias is now always displayed in the log
  • The command line command "Send request" was slow and has been reworked to improve performance
  • The server settings are now cached in the server processing, which significantly reduces the number of database accesses
  • The information about the sender of a send request (manual, commandline, dirpoll, ..) has been added to the log.
  • An integrated EBCDIC-ASCII and ASCII-EBCDIC converter has been added (Professional Edition). This can be configured for each partner in the pre/post-processing section. As this adds additional information to the partner data, the XML interface has been modified. Please refer to the schemas modify_partner_request.xsd, list_partner_response.xsd and add_partner_request.xsd for more information when using the XML interface
  • Certificate management: Display of the signing algorithm and the name of the EC curve in the overview
  • Key generation: Add support for SHA-2 512, SHA2 512 PSSRSA, SHA3 512 and SHA-3 512 PSSRSA signed keys
  • Addition of the option to generate a Subject Key Identifier (ski) extension in the certificate manager's key generator
  • The previously file-based key/certificate management has been moved to the database. This results in less file IO and more stable operation in cluster mode. R/O and access problems to keystore files are no longer an issue during operation.
  • Added the ability to export a full keystore file from the certificate manager.
  • Added the ability to import a full keystore file into the system at server startup
  • Removed several file system based configuration checks for keystore files
  • Removed several keystore file related server settings and configuration interfaces
  • Revision of the interface for setting up the port listener
  • Modified the data migration wizard: Added the ability to migrate server settings and key/certificate information from the internal database to external databases (Postgres)
  • Added a notification option for system problems
  • Added a notification option for configuration change requests via the XML interface
  • XML interface: certificate import was not rejected if the certificate already existed
  • Add the XML requests to the system events/notifications for the XML interface

Solved problems

  • The filter[startdate] parameter was ignored in the REST API
  • The problem "Comparison method violates its general contract", which occurred very rarely with internal certificate access, has been fixed
  • A problem in the partner XML interface has been fixed (Add partner: The signature algorithm is not recognized during the deserialization process)
  • In HA mode, there was a synchronization problem between the HA nodes when certificates were changed
  • The inbound port listeners did not recognize a change of the TLS private key
  • There was a problem in the TLS certificate manager that it was not possible to delete all expired certificates at once
  • The XML-based certificate deletion request reports that a certificate should be deleted although it actually still exists in the system.
  • There were some problems with the XML API response schemas. Please note that these schemas are not used in mendelson OFTP2, they are only available for information purposes.
  • The following schemas have been changed: modify_partner_response.xsd, list_partner_response.xsd, delete_certificate_response.xsd
  • There was a problem with an inaccessible directory for send jobs in an HA cluster
  • Fixed an issue where port listeners were removed if they were not properly displayed on system startup
  • Fixed an issue where port listeners were not started for a running server if there was no TLS key and then a new one was set
  • Fixed a problem with the processing of certificates: "Comparison method violates its general contract"
  • Fixed some issues in the XML schemas for the partner-related XML server interface

Updated/new software packages

  • Update to Bouncycastle v176 (Crypto API)
  • Update to Lucene 9.8.0 (indexing of system events)
  • Update to MINA 2.2.3 (client-server interface)
  • Update to HSQLDB 2.72
Tags
OFTP2