mendelson AS4 2021 b258 released

min read
A- A+
mendelson AS4

Yearly release of mendelson AS4 for 2021
Full release notes of yearly development

What is new

  • Support for colorblindness: Since the icons in the transaction overview
    are in red or green and therefore in case of red/green blindness (9% of all
    men are affected, 0.8% of all women) overlays with additional symbols can
    now be displayed. They are displayed above the colored icons
  • The structure of the Linux shell scripts for starting the software has been
    completely reworked - they can be extended thus in the future more simply
  • A new notification system for the user interface has been introduced. Most
    notifications no longer have to be confirmed via a dialog. Instead, there
    is a notification mechanism, where the message is displayed in a colored window
    (overlay) in the lower right corner of the main window.
  • Under File HTTP Server Configuration, it now displayed how to restrict the
    inbound TLS protocols
  • Since it is possible (possibly by mistake) to define different keystores
    for the input and output of the system, there is now a warning in the automatic
    automatic configuration check if these two keystores do not match.
  • For expired certificates, there is now additional information in the notification
    system and in the system events, so that the user can quickly identify the
  • If you have installed the system as a Windows service and no own user defined,
    it now comes to a warning during the automatic configuration test. The "local
    system account" user does not have all the rights that are expected -
    in addition a Windows update can lead to the fact that this user no longer
    is allowed to access his formerly own files. You should always define a separate
    user for the Windows service.
  • All outgoing HTTPS connections now have SNI (Server Name Indication) support,
    as does the connection test
  • There is a warning if too many directories are monitored in too short a
    time. Each monitored directory means a polling process of a directory. If
    the monitoring intervals are too short when there are too many partners, either
    the time intervals can no longer be observed or the system is only busy polling
    directories. This can cause the system to react with timeouts to its own client
    or incoming data connections
  • Better Mac OS integration: On the Mac OS, there is a bar at the top of the
    screen for each running software. If contains options for "About" and "Preferences".
    These are now provided with the corresponding functions. In addition, the
    main menu of the application is now also available at the top of the screen
    and no longer directly in the main window. There were also problems when displaying
    the icon for the application
  • In ENTSOG 3.5 it is defined that you CAN have an own URL per PMode (optional
    extension) - this has been added

Resolved problems

  • Client-Server Interface: Under Cent OS, TLS 1.1 connections are no longer
    allowed by default, so the internal communication between the client and server
    has been switched to TLS 1.2
  • In the certificate manager, a key was generated in the key generation dialog
    even if you closed the window with a click on "x"
  • It was possible to access the underlaying database from other hosts. Now
    this is only possible from the host where the application is running. You
    can configure/extend this in the file "database.acl" in the installation
    directory (if necessary).
  • There was a problem with the lockfile of a server instance. Another started
    server instance recognized the lockfile, but then deleted it.
  • In dark mode the log color "green" was too pungent and it has
    been chosena darker shade
  • There was a problem establishing an outbound connection if a client authentication
    using a certificate was required
  • When certificate data was in UTF-8, this was displayed in the certificate
    management incorrectly
  • Fixed a problem in the interaction between the internal lib MINA and TLS
  • For some certificates, the internal calculation of the trust chain took
    so long that the user got the impression that the client was hiding. The depth
    of the trust chain calculation was reduced. It can now can happen in very
    rare casesthat no CA is displayed for a certificate, even though it is actually
    authenticated. But this is only a display problem and seems to us as a reasonable
  • The AS4 system shutdown script for Linux was not part of the delivery


Updated software packages

  • Update to commons pool 2.9.0 (database connection pooling)
  • Update to commons dbcp 2.8.0 (database connection pooling)
  • Update to Apache Batik 1.13 (SVG - scalable images)
  • Update to Bouncycastle v1.67 (Crypto API)
  • Update to Lucene 8.6.0 (System events)
  • Update to MINA 2.1.3 (Client-Server Interface)
  • Update to flatlaf 0.45 (Dark mode)
  • Update to apache HTTPClient 4.5.13