since release 2.5 some certificates fail with "Error building
certPath. No data available in passed DER encoded value." The Issuer
certificates are available and shown as valid, Djigzo Version 2.4.x
also show the certs as valid. Any idea what could be wrong?
We've just up setup a new djigzo virtual appliance and restore the configuration saved from previous installation.
The only change made to the original configuration was activation of new cc to replyer option.
The issue. When the reply button is pressed on the received PDF message the djigzo login page is displayed instead of the reply form.
Any idea what could be wrong in the configuration?
Corporate Health Systems, Inc.
A new version of DJIGZO gateway (version 2.5.0) is now officially released.
The packages, including the updated Virtual Appliances, can be
Upgrade guide direct download:
* a page has been added on which a MIME encoded email can be uploaded
for text extraction. This allows the admin to see which text the DLP
scanner uses for pattern matching.
* PDF option "Send CC to replier" added. If set, a CC of the PDF reply
will be sent to the replying user.
* S/MIME option "Skip import of untrusted certificates" added. By
default all certificates from a signed email will be imported even if
untrusted. By enabling "Skip import of untrusted certificates", only
trusted certificates are imported.
* "Signing subject trigger" option added. This can be used to force
signing of email if the subject contains a user defined keyword
(keyword can be removed if configured).
* Password strength check/estimate is added to the portal password
selection/change pages. The minimum required password strength can be
set by the administrator. By default you are not allowed to use your
email address as your password or base your password on your username
or use a qwerty sequence of more than 5 characters.
* System page added on which the server can be restarted/rebooted and
* Three custom properties and templates added. These properties and
templates can be used if the mail flow (config.xml) is modified by
the admin and the changes require some user configurable options.
* a page has been added with which an email can be sent. This is helpful
for testing purposes.
* French language support added to portal
* WEB GUI is automatically logged off after 5 min. of inactivity.
* The HTML text extractor for the DLP scanner now by default skips HTML
comments. This makes it less likely to have false positives for
certain patterns (for example SSN pattern)
* The HTML text extractor for the DLP scanner now by default only scans
the HTML body. This makes it less likely to have false positives for
certain patterns (for example SSN pattern)
* The HTML text extractor now also scans application/xhtml+xml
* "Dynamic" memory allocation is now enabled by default. The DJIGZO
back-end now by default uses a heap size of 0.6 * available memory.
* The back-end SMTP server no longer adds a received header. This makes
it easier to remove internal IP addresses from the received headers
using Postfix header checks.
* Backup's are now gzip'd.
* Changing the Web GUI IP filter no longer requires a restart of the web
server. The IP filter settings are read from
* Max inline body of PDF is now by default 256K. If the text is larger
that max, the text will be added as a text attachment.
* back-end logs now rotate at 10MB (was 5MB)
* The SMS option "Phone number allowed" is no longer enabled by default.
Note: This is a non-backward compatible change since the default
value changed. To revert back to the old behavior, enable the global
"Phone number allowed" option.
* sudo usage has been simplified. Scripts will now be executed from
* Some jars updated to newer releases
* Support for right to left (RTL) text added to the PDF encryption
* Support for multiple SMS transports added.
* The DLP scanner now also extracts the meta content of MIME parts. This
can for example be used to block or quarantine certain attachment
types. The attachment type is detected from the content of the
attachment and not from the filename.
* Comodo classes have been removed for now since the Comodo EPKI no
longer allowed certificates to be automatically requested (the Comodo
module will probably be added in later versions)
* Changing the automatic backup cron expression no longer requires a
restart. The backup job will be rescheduled.
* The signature algorithm identifier of a signed email changed between
RFC 3851 and RFC 5751. RFC 5751 uses for example sha-1 whereas RFC
3851 uses sha1. The gateway by default follows RFC 5751. Some
anti-spam gateways however cannot handle the new RFC 5751 syntax. The
SMIMESign mailet can be configured to revert back to RFC 3851.
* URL detection for the PDF module has been improved.
* The reply link in the PDF is now a clickable image.
* OpenJDK 7 is now supported.
* WEB GUI look and feel updated. Moved some functionality to different
pages (for example SMS queue is not part of the Queues page). Most
menu items can be dynamically extended to support add-ins.
* JCE policy manager page removed since this is not longer required with
* Most pages now close after applying the settings instead of showing
* The WEB GUI now checks whether regular expressions are valid.
* Virtual Appliance: The Virtual Appliance now runs on Ubuntu 12.04 LTS.
* Virtual Appliance: Backup/restore is now possible from the console
* Virtual Appliance: Remote samba share can be mounted.
* Virtual Appliance: Network setup should now be done with the WEB GUI.
Only the initial IP address can be setup with the console
* The HTML text extractor for the DLP scanner sometimes removed white
space characters which resulted in merged words.
* Some internal James log files were not correctly log rotated.
* On Chrome, if an attachment was removed from the PDF reply page, the
frame was not resized.
PS. if you already installed the release candidate 2.5.0-4, there is no
need to reinstall since this release version is the same as the last
DJIGZO email encryption