mendelson AS4 server 2023
What is new
- The AS4 profile Profile BDEW is supported.
- Support for ECDH-ES (Elliptic Curve Diffie-Hellman with ephemeral-static keys) - this is necessary for the profile BDEW
- If there were changes in the settings, all connected clients are now informed via push message and show a notification
- The UINotification in the client was reworked
- The connection test dialog has been revised and now also shows partner information
- When sending test mail there is now a detailed log regarding the communication with the mail server
- There is the new plugin OAuth2 for authorization of notification mails
- In key generation, more algorithms have been added and EC display has been improved. It is now possible to select the key directly on an ECC named curve. This is necessary for the profile BDEW.
- It is now directly possible to copy entries of the two certificate administrations to each other. It is no longer necessary to take the detour of exporting an entry and importing it into the second administration.
- In the certificate manager it is now possible to display the references to the certificate usage. So you can see where and if the certificates are still used in the product before deleting them.
- In the certificate manager unused certificates for encryption/signature are grayed out
- There is a new plugin OAuth2 for authorization of notification mails
- The color coding of the logs has been revised. The color codes are now VT-100/ANSI compatible - this will allow colored log output on ANSI compatible shells in the future
- Light mode and dark mode of the client can now be changed directly in the settings
- Context sensitive help is now available in the client, via balloon tooltips. You can go with the mouse directly on the respective question mark of the text fields, check boxes, etc., then the corresponding long texts appear as a hint to the meanings.
- In the "About" display you can now see the version of the client driver of the Postgres database, if the PostgreSQL plugin is activated.
- If cryptographic operations were attempted with the wrong key type, there are now extended error messages (EC Key/RSA Key). For example, the cryptographic operations of the AS4 profile require BDEW Elliptic Curve keys/certificates.
- The settings of the underlying HTTP server can now be edited directly in the AS4 client.
- The underlying HTTP server now automatically registers when the TLS key has been changed, a restart of the server is no longer necessary
- It is now possible to define the maximum number of incoming connections
Resolved problems
- When importing a certificate from an external keystore in JKS format into theTLS keystore (JKS), the error "non recoverable key" occurred.
- The first partner in the partner management could not be deleted
- The performance of the command line call AS4Send was increased
- If in the SOAP part of an incoming transmission a URI started with https://, this was not recognized as a URI and the incoming check requested a URI there - in this case the incoming check always had to be turned off
- When sending, PMode.Initiator.Party.Type was used instead of PMode.Responder.Party.Type - this was not noticed before because most AS4 profiles do not use this
- The performance of the internal schema validation of the SOAP part of a transmission was increased
Updated software packages
- Update to Bouncycastle v1.72 (Crypto API)
- Update to Lucene 9.1.0 (indexing of system events)
- Update to MINA 2.2.1 (client-server interface)
- Update to flatlaf 3.0 (dark mode)
- Update to Batik 1.16 (SVG)
- Update to HSQLDB 2.71
- Update to wss4j 2.4.1 (web service security for java)