Yearly release of mendelson opensource AS2 for 2021
What is new
- Support for colorblindness: Since the icons in the transaction overview are in red or green and therefore in case of red/green blindness (9% of all men are affected, 0.8% of all women) overlays with additional symbols can now be displayed. They are displayed above the colored icons
- The structure of the Linux shell scripts for starting the software has been completely reworked - they can be extended thus in the future more simply
- A new notification system for the user interface has been introduced. Most notifications no longer have to be confirmed via a dialog. Instead, there is a notification mechanism, where the message is displayed in a colored window (overlay) in the lower right corner of the main window.
- When creating a datasheet, the receive URL of a local station will now be is taken from the async MDN setting
- Under File HTTP Server Configuration, it now displayed how to restrict the inbound TLS protocols
- Since it is possible (possibly by mistake) to define different keystores for the input and output of the system, there is now a warning in the automatic automatic configuration check if these two keystores do not match.
- The web interface has been completely reworked.
- It is now possible to add a custom home page to the front page of the web interface
- The web interface now reports when it is incompatible with the processing unit is incompatible. This test is necessary because you can also update the web interface separately update
- There is now a filter function in the web interface for the transaction display
- Icons are scalable, logs are colored
- The local time or the AS2 server time can be selected in the time display
- For expired certificates, there is now additional information in the notification system and in the system events, so that the user can quickly identify the certificate
- For the post-processing of a transaction, the possibility of of a notification has been added.
- The post-processing (formerly partner events) of transactions has been reworked. One can now not only execute a command line, but also alternatively move the data to a selectable directory
- All outgoing HTTPS connections now have SNI (Server Name Indication) support, as does the connection test
- There is a warning if too many directories are monitored in too short a time. Each monitored directory means a polling process of a directory. If the monitoring intervals are too short when there are too many partners, either the time intervals can no longer be observed or the system is only busy polling directories. This can cause the system to react with timeouts to its own client or incoming data connections
Resolved problems
- Client-Server Interface: Under Cent OS, TLS 1.1 connections are no longer allowed by default, so the internal communication between the client and server has been switched to TLS 1.2
- Better Mac OS integration: On the Mac OS, there is a bar at the top of the screen for each running software. If contains options for "About" and "Preferences". These are now provided with the corresponding functions. In addition, the main menu of the application is now also available at the top of the screen and no longer directly in the main window. There were also problems when displaying the icon for the application
- In the partner management the tab HTTP Header was not displayed initially, but only after a partner change
- In the certificate manager, a key was generated in the key generation dialog even if you closed the window with a click on "x"
- If the display filter was set in the transaction overview, no update of the displayed transactions was triggered, if you changed the start or end date.
- The automatic deletion of transactions did not work if you chose "hours" as the time unit
- It was possible to access the underlaying database from other hosts. Now this is only possible from the host where the application is running. You can configure/extend this in the file "database.acl" in the installation directory (if necessary).
- There was a problem with the lockfile of a server instance. Another started server instance recognized the lockfile, but then deleted it.
- There was a problem with the internal mapping of the signature algorithms (SHA3_512/SHA3_384 and SHA3_512_RSASSA_PSS/SHA3_384_RSASSA_PSS)
- If an incoming MDN was in the wrong structure, it resulted in an incorrect error message
- In dark mode the log color "green" was too pungent and it has been chosen a darker shade
- There was a problem establishing an outbound connection if a client authentication using a certificate was required
- When certificate data was in UTF-8, this was displayed in the certificate management incorrectly
- Fixed a problem in the interaction between the internal lib MINA and TLS 1.3
- For some certificates, the internal calculation of the trust chain took so long that the user got the impression that the client was hiding. The depth of the trust chain calculation was reduced. It can now can happen in very rare casesthat no CA is displayed for a certificate, even though it is actually authenticated. But this is only a display problem and seems to us as a reasonable solution.
Updated software packages
- Update to commons pool 2.9.0 (database connection pooling)
- Update to commons dbcp 2.8.0 (database connection pooling)
- Update to Apache Batik 1.13 (SVG - scalable images)
- Update to Bouncycastle v1.67 (Crypto API)
- Update to Lucene 8.6.0 (System events)
- Update to MINA 2.1.3 (Client-Server Interface)
- Update to flatlaf 0.45 (Dark mode)