Reflection for the Web version 12.3 SP1 Update 2 released February 2019.
Reflection for the Web 12.3 SP1 Update 2 includes the following features (in addition to the features in 12.3 SP1 Update 1).
Replaced Oracle Java with OpenJDK on the server side.
Updated Management and Security Server (MSS) to 12.5.2.
Updated Apache Tomcat to 9.0.12.
Added elliptic curve algorithms to TLS connections, and disabled binary and MQV to comply with corporate cryptography standards.
Reflection for the Web client X.509 certificate filter is customizable and separate from the Management and Security Server certificate filter.
Reflection for the Web session sends the client certificate when an empty CA certificate request is received.
Refined the certificate chooser for Reflection for the Web terminal session.
Reflection for the Web 12.3 SP1 Update 2 includes Host Access Management and Security Server 12.5.2 to create, manage, and secure your host sessions.
The Reflection for the Web automated installer provides the option to install both products, even though the products are installed independently.
If you choose to use a previous installation of Management and Security Server, version 12.5 or higher is required. Versions must be compatible to implement security updates and other functions.
NOTE:The Security Proxy (and any MSS Add-on product) must be the same <major>.<minor>.<update> version as Management and Security Server.
For example, when you upgrade to Reflection for the Web 12.3 SP1 Update 2, which uses MSS version 12.5.2, be sure to upgrade the Security Proxy to version 12.5.2.
For information about using Management and Security Server, see the MSS Administrator Guide.
These issues have been resolved since version 12.3 SP1 Update 1.
RWeb client now sends email certificate in response to certificate request from host.
Resolved Security Vulnerabilities:
Reflection for the Web 3270 printer session no longer crashes when configured for "Emulate form feeds."
The Reflection for the Web client saves the certificate selection.
When using certificate filter parameter in the terminal session, all certificates are now filtered.
Reflection for the Web hostname verification works with Bouncy Castle
The numeric keypad is enabled during SSH loging when "Authenticate in terminal window" is selected.
The applet parameter "IBM3287AutoFormFeed" for 3270 printer sessions is accessible from the user interface.
Updated Jackson-Databind to 2.9.5.
Reflection for the Web secured proxy E2E connection no longer fails when "Enable identity verification" is checked.
The upgrade process varies depending on the version you are upgrading from. For more information, refer to the Reflection for the Web Installation Guide.
When you run an evaluation copy, the product will be fully functional for 120 days. During that time you can install, configure, and test Reflection for the Web version 12.3 SP1 Update 2.
Follow the installation steps in the Reflection for the Web Installation Guide, and then walk through the evaluation scenario presented in Evaluating Reflection for the Web.
Please contact Micro Focus or your authorized reseller to obtain the full-use version of the software.
Security Updates
Support Resources, including Knowledge Base articles
Reflection for the Web Documentation:
Reflection for the Web Installation Guide
Reflection for the Web Reference Guide -- includes the Advanced topics, previously in the Administrative WebStation:
Management and Security Server (MSS) Documentation:
© Copyright 2019 Micro Focus or one of its affiliates.
The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.