pasUnity 4.40.0.0 RTM is now generally available.

This release of pasUnity contains major changes to security and configuration management.

What changes are being made to security and why?

Back in May of 2018 we communicated our intention to enforce a more secure infrastructure for our pasUNITY Enterprise Suite ecosystem of products here.  To lay the groundwork we asked our customers to please ensure that Microsoft .NET Framework 4.7 or higher was installed on all systems that hosted pasUNITY components in preparation for this upgrade.

As of this release all infrastructure services (including pasPortal Web Services framework endpoints) communicate solely over HTTPS and TLS 1.2 secured with X.509 certificates.  All HTTP legacy endpoints have been deprecated.

All versions of pasUnity prior to version 4.40.0.0 will cease communication with pasPortal effective October 1st, 2018.  We will be reaching out to all customers with a valid maintenance agreement to provide free upgrade assistance to ensure that all systems continue to operate after the deadline.

What are the changes to Configuration Management and why?

This release includes major new capabilities for the Configuration Manager in the form of a Certificate and Service tab that allow you to fully configure web service endpoints graphically via the UI.  This eliminates the need to hand-code configuration files and dramatically simplifies the tedium of creating and managing X.509 certificates.

To begin create a certificate with the DNS name that you wish to apply to your services as show below or import a certificate from a certification authority instead.



Now you can view and manage this certificate in the new UI as shown below:



Finally, you choose the certificate you want to use to secure the service and navigate to the Services tab where you can apply the certificate.  Additionally, you can view all of your service accounts, apply the DNS name that matches your certificate to the services, and even change the port numbers that the services run on. Note that the service protocol (HTTPS) is not configurable.  We no longer allow non-secure endpoints to be defined on our products.



Just do not forget to press Update when you are finished.  Pressing Update will apply the DNS name and certificate to your services and additionally ensure that the certificate is associated with the Endpoint URLs within Windows, and apply security to the certificate to allow the service accounts to access it.

As a final step for those customers who will be using pasPortal Matrix and Mapping services please export your certificate's public key and provide it to your pasUNITY support contact to ensure that two way communication with the pasPortal can be established.