mendelson AS2 2021 b474 released

Jan
04
2021
4
min read
A- A+
read
By development

Yearly release of mendelson AS2 for 2021
Full release notes of yearly development

What is new

  • Support for colorblindness: Since the icons in the transaction overview
    are in red or green and therefore in case of red/green blindness (9% of all
    men are affected, 0.8% of all women) overlays with additional symbols can
    now be displayed. They are displayed above the colored icons
  • The structure of the Linux shell scripts for starting the software has been
    completely reworked - they can be extended thus in the future more simply
  • A new notification system for the user interface has been introduced. Most
    notifications no longer have to be confirmed via a dialog. Instead, there
    is a notification mechanism, where the message is displayed in a colored window
    (overlay) in the lower right corner of the main window.
  • For send requests from the command line you can now set the payload content
    type as an additional parameter
  • When creating a datasheet, the receive URL of a local station will now be
    is taken from the async MDN setting
  • Under File HTTP Server Configuration, it now displayed how to restrict the
    inbound TLS protocols
  • Since it is possible (possibly by mistake) to define different keystores
    for the input and output of the system, there is now a warning in the automatic
    automatic configuration check if these two keystores do not match.
  • The web interface has been completely reworked.
    • It is now possible to add a custom home page to the front page of the
      web interface
    • The web interface now reports when it is incompatible with the processing
      unit is incompatible. This test is necessary because you can also update
      the web interface separately update
    • There is now a filter function in the web interface for the transaction
      display
    • Icons are scalable, logs are colored
    • The local time or the AS2 server time can be selected in the time display
  • For expired certificates, there is now additional information in the notification
    system and in the system events, so that the user can quickly identify the
    certificate
  • For the post-processing of a transaction, the possibility of of a notification
    has been added.
  • The post-processing (formerly partner events) of transactions has been reworked.
    One can now not only execute a command line, but also alternatively move the
    data to a selectable directory
  • It is now possible, via an additional licensable plugin, to replace the
    supplied database with an external database. Supported are external PostgreSQL
    databases (additionally: CockroachDB)
  • If you have installed the system as a Windows service and no own user defined,
    it now comes to a warning during the automatic configuration test. The "local
    system account" user does not have all the rights that are expected -
    in addition a Windows update can lead to the fact that this user no longer
    is allowed to access his formerly own files. You should always define a separate
    user for the Windows service.
  • All outgoing HTTPS connections now have SNI (Server Name Indication) support,
    as does the connection test
  • There is a warning if too many directories are monitored in too short a
    time. Each monitored directory means a polling process of a directory. If
    the monitoring intervals are too short when there are too many partners, either
    the time intervals can no longer be observed or the system is only busy polling
    directories. This can cause the system to react with timeouts to its own client
    or incoming data connections

Resolved problems

  • Client-Server Interface: Under Cent OS, TLS 1.1 connections are no longer
    allowed by default, so the internal communication between the client and server
    has been switched to TLS 1.2
  • Better Mac OS integration: On the Mac OS, there is a bar at the top of the
    screen for each running software. If contains options for "About" and "Preferences".
    These are now provided with the corresponding functions. In addition, the
    main menu of the application is now also available at the top of the screen
    and no longer directly in the main window. There were also problems when displaying
    the icon for the application
  • In the partner management the tab HTTP Header was not displayed initially,
    but only after a partner change
  • In the certificate manager, a key was generated in the key generation dialog
    even if you closed the window with a click on "x"
  • If the display filter was set in the transaction overview, no update of
    the displayed transactions was triggered, if you changed the start or end
    date.
  • The automatic deletion of transactions did not work if you chose "hours"
    as the time unit
  • It was possible to access the underlaying database from other hosts. Now
    this is only possible from the host where the application is running. You
    can configure/extend this in the file "database.acl" in the installation
    directory (if necessary).
  • If you have commissioned send jobs "via the command line. this led
    to high server load. There was too much information requested from the server
    for a single job. This has now been now significantly accelerated and communication
    streamlined.
  • There was a problem with the lockfile of a server instance. Another started
    server instance recognized the lockfile, but then deleted it.
  • There was a problem with the internal mapping of the signature algorithms
    (SHA3_512/SHA3_384 and SHA3_512_RSASSA_PSS/SHA3_384_RSASSA_PSS)
  • If an incoming MDN was in the wrong structure, it resulted in an incorrect
    error message
  • If you disabled the supplied HTTP server on the server side (command line
    option "-nohttpserver"), this will lead to errors in the client
    when trying to find out the the characteristics of the underlying HTTP server
  • In dark mode the log color "green" was too pungent and it has
    been chosena darker shade
  • There was a problem establishing an outbound connection if a client authentication
    using a certificate was required
  • When certificate data was in UTF-8, this was displayed in the certificate
    management incorrectly
  • Fixed a problem in the interaction between the internal lib MINA and TLS
    1.3
  • For some certificates, the internal calculation of the trust chain took
    so long that the user got the impression that the client was hiding. The depth
    of the trust chain calculation was reduced. It can now can happen in very
    rare casesthat no CA is displayed for a certificate, even though it is actually
    authenticated. But this is only a display problem and seems to us as a reasonable
    solution.

Updated software packages

  • Update to commons pool 2.9.0 (database connection pooling)
  • Update to commons dbcp 2.8.0 (database connection pooling)
  • Update to Apache Batik 1.13 (SVG - scalable images)
  • Update to Bouncycastle v1.67 (Crypto API)
  • Update to Lucene 8.6.0 (System events)
  • Update to MINA 2.1.3 (Client-Server Interface)
  • Update to flatlaf 0.45 (Dark mode)
Tags
AS2