mendelson opensource AS4 1.0 b23 released

Profile picture for user service

Hello all,

we have released a new version of the mendelson AS4 community edition. These are the release notes:

Modifications and changes:
*On the input side, the file names of the payloads are now kept. If a file of this name already exists in the Inbox directory, a unique string is added to it.
*Two new keys "key3" and "key4" have been added to the keystores, the previous keys "key1" and "key2" expire in 2019.
*In the client you can now take a detailed look at the configuration of the underlying HTTP server under "File-HTTP Server Information". This includes the supported ciphers, protocols and attached ports as well as the receiving and control URLs.
*With the generation of new keys you can now add SAN (subject added name) - some companies require special values there. These are also taken over when generating the CSR (certificate sign request, pkcs#10) and can be processed by the mendelson CA.
*Support of the ENTSOGv3 profile
*Compatibility: Some AS4 programs send Receipt Signals encrypted. This is not allowed, but you can now set it in the compatibility settings if the partner software behaves that way

*Under seldom circumstances jobs get stuck in the oubound queue
*For some outgoing files the automatic Content Type automatic identification terminated with an error.
*The security check did not look into the fixed PMode for the signature check, but into the custom mode - that's why the software took these information from the wrong setting.

3rd party software updates:
*Update to WSS4J 2.1.8 (Web Service Security For Java)
*Update to Bouncycastle v157 (Crypto API)
*Update to HSQLDB 2.4 (Database system)
*Update from axiom 1.2.19 to 1.2.20 (XML generation API)
*Update xmlsec 2.0.7 to 2.0.8 (XML security API)

Please download your copy at

Thank you all for your feedback and your help

Your mendelson dev team