mendelson AS2 2025 released

Jan
07
2025
1
min read
A- A+
read
By development
mendelson AS2

What is new

  • The HTTP request log of the integrated HTTP server Jetty can now be enabled or disabled.
  • If outgoing data was rejected by the partner, there was no way to view it in the software. These rejected data are now stored and can be visualized in the client-just like data that was successfully accepted.
  • Checkboxes have been replaced with toggle switches.
  • New font sizes for buttons, tabs, and logs have been introduced.
  • A new High Contrast Mode is now available.
  • Client and server now support Spanish, Italian, and Portuguese in addition to German, English, and French. The language can either be set manually (via command-line parameters or client settings) or automatically detected based on the system language selected in the operating system.
  • New configuration checks have been added: the number of file handles and sufficient memory availability.
  • Not all certificates have valid CRLs. A new setting has been added to suppress these errors.
  • The entire certification chain of a certificate can now be exported as PEM in a single step.
  • During the export/import of a private key (PKCS#12), the entire certification chain can now optionally be exported/imported.
  • Private keys can now also be exported as PEM.
  • Certificates now display the link to the certificate policy, if the certificate includes it.
  • 3DES has been marked in the UI as an insecure algorithm. This is based on the NIST statement: "The Triple Data Encryption Algorithm (TDEA or 3DES) is being officially decommissioned, according to draft guidelines provided by NIST on July 19, 2018. According to the standards, 3DES will be deprecated for all new applications following a period of public deliberation, and its use will be prohibited after 2023."
  • Encryption algorithms CAMELLIA, AES_nnn_GCM, AES_nnn_CCM, and CHACHA20_POLY1305 have been added.
  • Logging has been enhanced to always display the origin of keys and certificates when used. This makes it easier to identify configuration issues.
  • A new REST API endpoint has been added for deleting partners.
  • A new REST API endpoint has been added for modifying partners.
  • It is now possible to perform a connection test via the REST API.

 
Resolved problems

  • Certificate Manager: The copy function between certificate managers copied only keys but not certificates.
  • Certificate Manager: It was possible to import private keys even if the corresponding certificate already existed.
  • Certificate Manager: No CSR could be generated for EC keys.
  • Certificate Manager: Checking the CRL is now possible manually or at regular intervals via settings.
  • Certificate Manager: The certification path was not always displayed correctly for EC certificates under Java 17 and higher.
  • REST API: Database connections remained open under high load.
  • Post-processing: The Exec calls for system commands in post-processing did not wait for the return code of the execution.
  • There was an error in the executable program addUser for adding new users to the system.
  • The performance of client-server login has been improved, especially affecting the standalone send process for sending jobs and the REST API.

 
Updated software dependency packages

  • Update to Bouncycastle v179 (Crypto API).
  • Update to Lucene 9.11.0 (Indexing of system events).
  • Update to MINA 2.2.4 (Client-Server Interface).
  • Update to HSQLDB 2.74 (Integrated database server).
  • Update to Batik 1.18 (SVG Icons).
  • Update to Hikari 6.2.1 (Database pool).
  • Update to Jetty 10.0.24 (HTTP Server).
Tags
AS2