4.3.0 What's New

Mirth Connect 4.3.0 includes new features such as ... as well as changes, updates, and improvements.

• Core Mirth Connect
  • New Features
    • Added New Functionality to the Mirth Connect Setup Wizard (Installation Process)
    • Added the Ability for Resource and Channel-Specific Classloaders to Load Child-First or Parent-First
  • Fixed Defects
    • The TCP Listener Now Correctly Binds to the Specified Local Address
    • Null Pointer Exception When Using Custom Extensions
    • Previous Message Shows in Message View When Messages Have Been Filtered Out
    • Prevent Overwriting the log4j2.properties File during an Upgrade
• Security Improvements
  • Library Updates
    • Mirth-Crypto Library Now Included in Mirth Connect Core Codebase
  • Functional Changes
    • Updated Default Supported TLS Cipher Suites
• Commercial Extension Improvements
• Docker Images

You can find the list of completed issues for this release here.

Core Mirth Connect

New Features

Added New Functionality to the Mirth Connect Setup Wizard (Installation Process)

We added new features to the Mirth Connect Setup Wizard that include, but are not limited to, the following:

1. We added more information on the screens with links to the What's New, Upgrade Guide, and documentation. This helps users understand what options to enter on the screens.
2. We added the ability to install your extensions at the time Mirth Connect is installed or upgraded. This simplifies the process so that users no longer have to install extensions manually and restart the service.
3. We added the ability to enter your license key for extensions. This will default to the license.key value from your mirth.properties file during an upgrade.
4. We added our new logo and a list of each dialog screen so that users know exactly where they are in the process.

Added the Ability for Resource and Channel-Specific Classloaders to Load Child-First or Parent-First

We've added the ability to specify whether resources should load classes "child-first" or "parent-first". Previously, all resource classloaders loaded "parent-first". This meant that when a user attempted to use a class that is already included with Mirth Connect, such as a PostgreSQL driver, the class was loaded from the parent classloader instead of loading the custom version that the user wanted. The user can now achieve the desired behavior using a "child-first" classloader. We have also made "child-first" the default option. (Community Issue)

Fixed Defects

The TCP Listener Now Correctly Binds to the Specified Local Address

A correction was made to the TCP Listener to bind to the localhost as entered in the "Local Address - Specific interface" field. Previously, the TCP Listener would bind to all interfaces (0.0.0.0). (Community Issue)

Null Pointer Exception When Using Custom Extensions

We fixed a null pointer exception that occurred when using a custom extension that extends the ChannelColumnPlugin abstract class.

Previous Message Shows in Message View When Messages Have Been Filtered Out

We fixed an issue where a message that should have no contents would display the contents from a previously viewed message. (Community Issue)

Prevent Overwriting the log4j2.properties File during an Upgrade

We fixed the issue where the log4j2.properties file were being overwritten during an upgrade, so any customizations will now be retained. (Community Issue)

Security Improvements

Encryption Settings

The default encryption algorithm has been updated from AES to AES/CBC/PKCS5Padding. In addition, before being encrypted, strings will be encoded using UTF-8 instead of the JVM default charset. (Community Issue)

• If you did not have encryption.algorithm already overridden in mirth.properties, then no action is required. Any newly encrypted data will just use the new default algorithm, and old encrypted data will still be able to be decrypted (using the old default algorithm).

• If you had encryption.algorithm overridden and set to AES, then you should consider updating that, for example to AES/CBC/PKCS5Padding or AES/GCM/NoPadding. Mirth Connect will warn you on startup with this message as well. Support for AES (without any mode/padding specified) will be removed in a future version.

Library Updates

Mirth-Crypto Library Now Included in Mirth Connect Core Codebase

The mirth-crypto library is now included in the open-source Mirth Connect core codebase to allow users to distribute Connect. (Community Issue)

Functional Changes

Updated Default Supported TLS Cipher Suites

In 4.3.0, the following weak cipher suites have been disabled by default:

• TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
• TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
• TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
• TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
• TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
• TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
• TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
• TLS_DHE_DSS_WITH_AES_256_CBC_SHA
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
• TLS_RSA_WITH_AES_128_CBC_SHA256
• TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
• TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
• TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
• TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
• TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
• TLS_DHE_DSS_WITH_AES_128_CBC_SHA

For more information on TLS Cipher Suite changes see the 4.3.0 Upgrade Guide.

Commercial Extension Improvements

Docker Images

Updated Deprecated Base Images

The OpenJDK and AdoptOpenJDK base images have been deprecated, so the official Mirth Connect Docker images that were previously built with those base images are now built with the eclipse-temurin image.