Please download the new version at https://mendelson-e-c.com/opensource
03/2025 mendelson opensource AS4 1.0 b37
----------------------------
Modifications and changes:
*Configuration Check: The following checks have been added: number of file handles and sufficient memory availability.
*Automatic Configuration Check: CRL issues of certificates are now displayed. This check can be disabled as not all certificates include valid CRLs.
*Most checkboxes have been replaced with toggle switches.
*New font sizes for buttons, tabs, and logs have been introduced.
*A new High Contrast Mode is now available.
*Bitmap icons in the property sheets of PModes have been replaced with scalable icons.
*The display of the AS4 message structure has been revised, as the AS4 profile ICS2 allows multiple attachments, each with its own values.
*The mendelson AS4 has been translated to now support Spanish, Italian, Portuguese, German, English, and French.
The language can either be set manually (via command-line parameters or client settings) or is
automatically detected based on the language selected in your operating system.
*Display of an attachment in the client: The file encoding is now automatically detected and used for display.
*Partner: Directory monitoring can now be enabled or disabled per partner.
*Partner: There are now global settings for directory monitoring that apply to all partners. This allows all directory monitoring
settings for all partners to be configured at once.
*Partner: Warnings are now displayed in partner management if selected AS4 profiles are not suitable for directory monitoring. For example,
the BDEW AS4 profile requires content data in metadata, meaning additional information must be provided with the send job - this could not be
added by the convenience processing method of directory polling
*Partner: Directory monitoring per PMode has been introduced. A subdirectory of the partner with the name
of the respective PMode is now monitored. This is particularly useful for the AS4 profiles ICS2 and Peppol V2.
*ICS2 AS4 Profile: It is now possible to add ICS test messages. These have a special format and do not meet AS4 requirements.
*BDEW AS4 profile: Added the possibility to generate PATH CHANGE and PATH REQUEST messages
*BDEW AS4 Profile: Extension for the BDEW PATH CHANGE REQUEST messages: involved partners have been added to the log. This is now parseable.
*Peppol V2 AS4 Profile: Support for the profile, including Peppol V2 service discovery, creation of a new
dialog specifically for creating Peppol V2 partners, and restriction of outgoing ports. You could now simply add a new Poppol V2 partner
by discovering the data from the official test- or production directory of the EU (https://directory.peppol.eu/).
A new subdirectory will be created to each supported document of this partner, the required certificate and settings will be imported and
you could drop your send documents into the created subdiretories to send them.
*ICS2 AS4 profile: Added the possibility to generate ICS2 test messages and send them to your partner
*Partner TLS certificates can now be regularly checked and retrieved. This is an optional module, please enable it in the settings if required
*Brainpool curve support for TLS is now available. If you like to use this please ensure to set the command line parameter "-enableBrainpoolTLS"
*Certificate Manager: A CRL check has been added.
*Certificate Manager: Not all certificates have valid CRLs; a setting has been added to suppress these errors.
*Certificate Manager: The entire certification chain of a certificate can now be exported as PEM in a single step.
*Certificate Manager: During the export/import of a private key (PKCS#12), the entire certification chain can now optionally be exported/imported.
*Certificate Manager: Private keys can now also be exported as PEM.
*Certificate Manager: Certificates now display the link to the certificate policy, if the certificate includes it.
*Certificate Manager: Certificate signing requests can now also be created in the Certificate Request Message Format.
*Additional TLS information is added to the log for in- and outbound connections. This is mainly the port, the protocol and the cipher suite
Fixes
*Certificate Manager: The copy function between certificate managers copied only keys but not certificates.
*Certificate Manager: No CSR could be generated for EC keys.
*Certificate Manager: Invalid keys were partially displayed as valid but marked in red.
*There are some BDEW AS4 profile message format problems that have been fixed compared to the last community release
*BDEW AS4 Profile: Adjustments to the message structure were necessary due to compatibility issues with other AS4 systems.
*BDEW AS4 Profile: The conversation ID must be empty for both incoming and outgoing messages.
*BDEW AS4 Profile: The xenc:EncryptedKey element lacked the expected reference attribute "Id". While not technically required, some AS4 systems cannot
receive AS4 data without it.
*BDEW AS4 Profile: Test message responses could not be manually restarted.
*ICS2 AS4 Profile: Incorrect default values in the profile (e.g., "PMODE_INITIATOR_PARTY_TYPE").
*The content ID of AS4 message attachments was not unique under high load.
*Performance: Adding new partners became extremely slow with more than approximately 1,000 partners, resulting in a timeout.
*Post-processing: All Exec calls for post-processing did not wait for the return code when executing system commands.
*There was a security vulnerability in displaying XML data (CVE-2024-39334).
*Timestamps in SOAP messages must always be in UTC, which was not previously the case.
*MessageProperties and PartProperties in the database were too limited in their size. This caused issues with the AS4 profile ICS2, where
multiple attachments each have their own properties.
*If certificates in the metadata of an AS4 message were referenced by their issuer and the issuer contained
escaped values, the certificate could not be found in the system.
*There were problems in the storing and processing the user defined HTTP headers. This is important if you are for example using a proxy that
does not change the HOST header and need to set it to the final recipients URL.
3rd party software updates
*Update to Bouncycastle v180 (Crypto API).
*Update to Lucene 9.11.0 (indexing of system events).
*Update to MINA 2.2.4 (client-server interface).
*Update to HSQLDB 2.74 (integrated database server).
*Update to Batik 1.18 (SVG icons).
*Update to Hikari 6.2.1 (database pool).
*Update to Jetty 10.0.24 (HTTP server).