mendelson OFTP2 2024 released

Jan

02

2024

<h3>What is new</h3>
<ul>
<li>Added the ability to automatically detect the mail server settings based on the specified notification mail address<</li>
<li>The underlying database structure has been prepared to support client authorization (RFC 6749 4.4) in the OAuth2 plugin - this will be added to SMTP if required</li>
<li>Added a new dialog to automatically determine the mail server configuration if you only know the recipient mail address for setting up the notification mail</li>
<li>Client improvements: Added a notification badge for configuration issues in the status bar, set up UI scaling of the list of configuration issues</li>
<li>Revision of the import/export functions of the certificate manager</li>
<li>Certificate Manager: It is no longer possible to expand parts of the trust path tree by double-clicking</li>
<li>New icons in the certificate manager</li>
<li>When changes are made to incoming port listeners, the bound TLS key alias is now always displayed in the log</li>
<li>The command line command 'Send request' was slow and has been reworked to improve performance</li>
<li>The server settings are now cached in the server processing, which significantly reduces the number of database accesses</li>
<li>The information about the sender of a send request (manual, commandline, dirpoll, ..) has been added to the log.</li>
<li>An integrated EBCDIC-ASCII and ASCII-EBCDIC converter has been added (Professional Edition). This can be configured for each partner in the pre/post-processing section. As this adds additional information to the partner data, the XML interface has been modified. Please refer to the schemas modify_partner_request.xsd, list_partner_response.xsd and add_partner_request.xsd for more information when using the XML interface</li>
<li>Certificate management: Display of the signing algorithm and the name of the EC curve in the overview</li>
<li>Key generation: Add support for SHA-2 512, SHA2 512 PSSRSA, SHA3 512 and SHA-3 512 PSSRSA signed keys</li>
<li>Addition of the option to generate a Subject Key Identifier (ski) extension in the certificate manager's key generator</li>
<li>The previously file-based key/certificate management has been moved to the database. This results in less file IO and more stable operation in cluster mode. R/O and access problems to keystore files are no longer an issue during operation.</li>
<li>Added the ability to export a full keystore file from the certificate manager.</li>
<li>Added the ability to import a full keystore file into the system at server startup</li>
<li>Removed several file system based configuration checks for keystore files</li>
<li>Removed several keystore file related server settings and configuration interfaces</li>
<li>Revision of the interface for setting up the port listener</li>
<li>Modified the data migration wizard: Added the ability to migrate server settings and key/certificate information from the internal database to external databases (Postgres)</li>
<li>Added a notification option for system problems</li>
<li>Added a notification option for configuration change requests via the XML interface</li>
<li>XML interface: certificate import was not rejected if the certificate already existed</li>
<li>Add the XML requests to the system events/notifications for the XML interface</li>
</ul>
<h3>Solved problems</h3>
<ul>
<li>The filter[startdate] parameter was ignored in the REST API</li>
<li>The problem 'Comparison method violates its general contract', which occurred very rarely with internal certificate access, has been fixed</li>
<li>A problem in the partner XML interface has been fixed (Add partner: The signature algorithm is not recognized during the deserialization process)</li>
<li>In HA mode, there was a synchronization problem between the HA nodes when certificates were changed</li>
<li>The inbound port listeners did not recognize a change of the TLS private key</li>
<li>There was a problem in the TLS certificate manager that it was not possible to delete all expired certificates at once</li>
<li>The XML-based certificate deletion request reports that a certificate should be deleted although it actually still exists in the system.</li>
<li>There were some problems with the XML API response schemas. Please note that these schemas are not used in mendelson OFTP2, they are only available for information purposes.</li> <li>The following schemas have been changed: modify_partner_response.xsd, list_partner_response.xsd, delete_certificate_response.xsd</li>
<li>There was a problem with an inaccessible directory for send jobs in an HA cluster</li>
<li>Fixed an issue where port listeners were removed if they were not properly displayed on system startup</li>
<li>Fixed an issue where port listeners were not started for a running server if there was no TLS key and then a new one was set</li>
<li>Fixed a problem with the processing of certificates: 'Comparison method violates its general contract'</li>
<li>Fixed some issues in the XML schemas for the partner-related XML server interface</li>
</ul>
<h3>Updated/new software packages</h3>
<ul>
<li>Update to Bouncycastle v176 (Crypto API)</li>
<li>Update to Lucene 9.8.0 (indexing of system events)</li>
<li>Update to MINA 2.2.3 (client-server interface)</li>
<li>Update to HSQLDB 2.72</li>
</ul>

Log in or register to post comments