Reflection for the Web - Release Notes

February 2019

Reflection for the Web version 12.3 SP1 Update 2 released February 2019.

What’s New

Reflection for the Web 12.3 SP1 Update 2 includes the following features (in addition to the features in 12.3 SP1 Update 1).

  • Replaced Oracle Java with OpenJDK on the server side.

  • Updated Management and Security Server (MSS) to 12.5.2.

  • Updated Apache Tomcat to 9.0.12.

  • Added elliptic curve algorithms to TLS connections, and disabled binary and MQV to comply with corporate cryptography standards.

  • Reflection for the Web client X.509 certificate filter is customizable and separate from the Management and Security Server certificate filter.

  • Reflection for the Web session sends the client certificate when an empty CA certificate request is received.

  • Refined the certificate chooser for Reflection for the Web terminal session.

Compatibility Requirements

Reflection for the Web 12.3 SP1 Update 2 includes Host Access Management and Security Server 12.5.2 to create, manage, and secure your host sessions.

The Reflection for the Web automated installer provides the option to install both products, even though the products are installed independently.

If you choose to use a previous installation of Management and Security Server, version 12.5 or higher is required. Versions must be compatible to implement security updates and other functions.

NOTE:The Security Proxy (and any MSS Add-on product) must be the same <major>.<minor>.<update> version as Management and Security Server.

For example, when you upgrade to Reflection for the Web 12.3 SP1 Update 2, which uses MSS version 12.5.2, be sure to upgrade the Security Proxy to version 12.5.2.

For information about using Management and Security Server, see the MSS Administrator Guide.

Resolved Issues

These issues have been resolved since version 12.3 SP1 Update 1.

  • RWeb client now sends email certificate in response to certificate request from host.

  • Resolved Security Vulnerabilities:

    • CVE-2017-7525
    • CVE-2017-15095
    • CVE-2017-17485
  • Reflection for the Web 3270 printer session no longer crashes when configured for "Emulate form feeds."

  • The Reflection for the Web client saves the certificate selection.

  • When using certificate filter parameter in the terminal session, all certificates are now filtered.

  • Reflection for the Web hostname verification works with Bouncy Castle

  • The numeric keypad is enabled during SSH loging when "Authenticate in terminal window" is selected.

  • The applet parameter "IBM3287AutoFormFeed" for 3270 printer sessions is accessible from the user interface.

  • Updated Jackson-Databind to 2.9.5.

  • Reflection for the Web secured proxy E2E connection no longer fails when "Enable identity verification" is checked.

Resources

About Upgrading

The upgrade process varies depending on the version you are upgrading from. For more information, refer to the Reflection for the Web Installation Guide.

If you are evaluating

When you run an evaluation copy, the product will be fully functional for 120 days. During that time you can install, configure, and test Reflection for the Web version 12.3 SP1 Update 2.

Follow the installation steps in the Reflection for the Web Installation Guide, and then walk through the evaluation scenario presented in Evaluating Reflection for the Web.

Please contact Micro Focus or your authorized reseller to obtain the full-use version of the software.

Online Resources

Security Updates

Support Resources, including Knowledge Base articles

Reflection for the Web Documentation:

  • Reflection for the Web Installation Guide

  • Reflection for the Web Reference Guide -- includes the Advanced topics, previously in the Administrative WebStation:

    • API and Scripting
    • Using ECL
    • Applet Attributes and Parameters
    • HTML Samples
    • Host-initiated RCL Support

Management and Security Server (MSS) Documentation: