mendelson AS2 opensource b67 released

mendelson AS2 - community edition

Please download the new version at https://mendelson-e-c.com/opensource

03/2025 mendelson opensource AS2 1.1 b67

What is new

*The HTTP request log of the integrated HTTP server Jetty can now be enabled or disabled.
*If outgoing data was rejected by the partner, there was no way to view it in the software. This rejected data is now
stored and can be viewed in the client, just like data that was successfully accepted.
*Most checkboxes have been replaced with toggle switches.
*New font sizes for buttons, tabs, and logs have been introduced.
*A new High Contrast Mode is now available.
*The system now supports Spanish, Italian, and Portuguese in addition to German, English, and French. The language can
either be set manually (via command-line parameters or client settings) or automatically detected based on the
system language selected in the operating system.
*New configuration checks have been added: the number of file handles and sufficient memory availability.
*Not all certificates have valid CRLs. A new setting has been added to suppress these errors.
*The entire certification chain of a certificate can now be exported as PEM in a single step.
*During the export/import of a private key (PKCS#12), the entire certification chain can now optionally be exported/imported.
*Private keys can now also be exported as PEM.
*Certificates now display the link to the certificate policy, if the certificate includes it.
*3DES has been marked in the UI as an insecure algorithm. This is based on the NIST statement:
"The Triple Data Encryption Algorithm (TDEA or 3DES) is being officially decommissioned,
according to draft guidelines provided by NIST on July 19, 2018. According to the standards,
3DES will be deprecated for all new applications following a period of public deliberation,
and its use will be prohibited after 2023."
*Encryption algorithms CAMELLIA, AES_nnn_GCM, AES_nnn_CCM, and CHACHA20_POLY1305 have been added.
*Logging has been enhanced to always display the origin of keys and certificates when used. This makes it easier to identify
configuration issues.
*The log now contains additional information about the connection security and the cipher used if the inbound/outbound
connections were TLS connections.
*Certificate Manager: It now contains new information regarding the trust state of an entry.
*The update path from HSQLDB 1.8.x to HSQLDB 2.x has been removed. This update process is 10 years old now; HSQLDB 2.x
has been part of the product since 2015. This means that versions older than 2015 can no longer be updated automatically.

Resolved problems

*Certificate Manager: The copy function between certificate managers copied only keys but not certificates.
*Certificate Manager: It was possible to import private keys even if the corresponding certificate already existed.
*Certificate Manager: No CSR could be generated for EC keys.
*Certificate Manager: Checking the CRL is now possible manually or at regular intervals via settings.
*Certificate Manager: The certification path was not always displayed correctly for EC certificates under Java 17 and higher.
*Post-processing: The Exec calls for system commands in post-processing did not wait for the return code of the execution.
*There was an error in the executable program addUser for adding new users to the system.
*If an outbound AS2 message was generated and a problem occurred (which is very uncommon...), the associated transaction
was not set to red. There was also no MDN timeout because it had not yet been sent.
*CVE-2024-8184: The embedded Jetty HTTP server has been replaced.
*There was a problem in cloning partners in the partner management.

Updated software dependency packages

*Update to Bouncycastle v180 (Crypto API).
*Update to Lucene 9.11.0 (Indexing of system events).
*Update to MINA 2.2.4 (Client-Server Interface).
*Update to HSQLDB 2.74 (Integrated database server).
*Update to Batik 1.18 (SVG Icons).
*Update to Hikari 6.2.1 (Database pool).
*Update to Jetty 10.0.24 (HTTP Server).