Releases: OxalisCommunity/oxalis
Oxalis 6.0.0-RC3
This version of Oxalis support France Peppol POC. Also note that this version of Oxalis use java 11 as baseline.
Before configuring "oxalis.conf", make sure that you received certificate zip from OpenPeppol Service desk after registration. Add PoC Certificate details in "oxalis.conf" (Keep rest of configuration "as-is" or as per your requirement):
oxalis.keystore {
path="PFR00000X.p12"
password = ""
key.alias = pfr00000X
key.password = ""
For the French PoC, OpenPeppol used self-signed CA "root" & "intermediate" certificates.
To make sure that Java Trust those certificates, you need to add certificate in java cacerts. You can extract "Peppol_POC_Root_TEST_CA.cer" and "Peppol_FRPOC_AP_TEST_CA.cer" from "ca-chain.cert.pem" which is available in cert ZIP which you received via email from OpenPeppol Service Desk. You also have to extract public key of your certificate which you received (available in format as PFR00000X.p12, X is placeholder).
You can use keytool to add POC "root" & "intermediate" certificates in cacerts (adjust it according to your requirement or you can use alternative way as well) :
keytool -import -noprompt -trustcacerts -alias Peppol_POC_Root_TEST_CA -file Peppol_POC_Root_TEST_CA.cer -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit
keytool -import -noprompt -trustcacerts -alias Peppol_FRPOC_AP_TEST_CA -file Peppol_FRPOC_AP_TEST_CA.cer -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit
keytool -import -noprompt -trustcacerts -alias PFR00000X -file PFR00000X.cer -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit
Replace "PFR00000X" with your certificate seat number. Replace "changeit" password if you are using different java keystore password.
In order to ensure/verify that certificates added correctly inside java "cacerts" run below command and search for alias (Peppol_POC_Root_TEST_CA , Peppol_FRPOC_AP_TEST_CA , PFR00000X ):
keytool -list -v -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit | grep "Alias name|Valid from:"
Note: Root certificate - "Peppol_POC_Root_TEST_CA.cer" and Intermediate certificate - "Peppol_FRPOC_AP_TEST_CA.cer" are included in the release artifacts below
Full Release Changelog: v6.0.0-RC2...v6.0.0-RC3
Oxalis 5.5.0
- Bump vefa.peppol to 2.5.0
- Bump google guice to 5.1.0
- Bump slf4j to 2.0.6
- Bump logback to 1.3.5
- Bump lombok to 1.18.24
- Bump hsqldb to 2.7.1
Full Changelog: v5.4.0...v5.5.0
NOTE: If you are using Oxalis 5.5.0/Oxalis-AS4 5.5.0 and you are compiling source on Java 8, then download attached "dummy.zip" and place it's content in \oxalis-5.5.0\oxalis-test\src\main\resources\dummy . This will fix certification expiration issue.
Oxalis 5.4.0
- Bump guava version to 31.1-jre: 19ee610
- Bump h2 database version to 2.1.214: 0eff301
- Bump jetty version to 9.4.48.v20220622: 4a668d3
- Bump slf4j version to 2.0.0-alpha7 and logback version to 1.3.0-alpha16: ada95b6
- Used Oxalis Community version of pkix-ocsp, commons-certvalidator and peppol-specifications, bump bouncycastle to 1.70, bump vefa-peppol to 2.4.0, Bump javax.mail to 1.6.7, replaced mysql connector with mariaDB etc : 6929719
Note: This version is compatible with Oxalis-AS4 v5.4.0 . Older Oxalis-AS4 versions are Not compatible with this Oxalis version due to package name refactoring
Oxalis 5.3.0
- Added PINT Dynamic Document Type Scheme (aka “peppol-doctype-wildcard” aka "Peppol Wildcard Scheme") support : cde1269
- Bump mysql-connector-java version to 8.0.29 : ed765d9
Note: This release is containing PINT DDTS (aka “peppol-doctype-wildcard” aka "Peppol Wildcard Scheme") changes. PINT DDTS (aka “peppol-doctype-wildcard” aka "Peppol Wildcard Scheme") is Not in production use yet
Oxalis 5.2.0
Oxalis 5.1.0
Fixed : OxalisCommunity/Oxalis-Public-Roadmap#4
Upgraded vefa-peppol to version 2.1.0 : 98817c1
Oxalis 5.0.8
- Bump h2 from 2.0.206 to 2.1.210
- Added dummy certificates for oxalis-test
Oxalis 5.0.7
Security fixes:
- Fix critical severity GHSA-h376-j262-vhq6 -> RCE in H2 database Console. CVE: The CVE hasn't been posted by NIST but will be assigned CVE-2021-42392
- Fix high severity GHSA-7rpj-hg47-cx62 -> Improper Restriction of XML External Entity Reference in H2 Database. CVE: CVE-2021-23463
Oxalis 5.0.6
Oxalis 5.0.5
- Upgraded vefa-peppol version to 2.0.2 : ec6c95c
- Mask secrets by @johnksv : 7a5c44b and 9d5d460 👏
- Documentation to configure correct trusted certificate list by @tjeb : aa359fe 👏
- Guava version upgrade from 28.2-jre to 30.0-jre : 743ef2a and d2e137d
- Bump httpclient from 4.5.11 to 4.5.13 : 5fd7ccd
- Bump jetty-server from 9.4.35.v20201120 to 9.4.41.v20210516 : ab033fb
- Updated openjdk:8u191 to openjdk:8u212 due to missing manifest file : 4aa6286