You are here: Home / Technical Resources / Technical Alerts

Technical Alerts

This page provides information about the status of reported issues concerning the operations of the PEPPOL transport infrastructure.
Date Issue Description Action Solved
28/10/215

We have received reports that the OCSP Responder certificate has expired for the Access Point CA Pilot/TEST infrastructure.

This may cause validation errors in the pilot environments for implementations that perform certificate revocation checks via the OCSP protocol.

We are right now analyzing the issue and have raised a support case with Symantec.

As a work around, revocation checks can be performed via the CRL mechanism.

19/06/2015 Critical updates of datacenter on the SML database server

The SML registration services will be unavailable on Sunday, June 21st from 10h00 to 18h00 CET.

The DNS lookup for exchange of transactions in the network is NOT affected by the services update.

N/A
26/09/2014 Critical Security Issue with the SML servic

The SML service is affected by “ShellShock” security incident (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271).


The operating system used on the machine where the SML service is operated unfortunately does not provide a patch for this very critical incident.

Therefore it was decided between OpenPEPPOL and BRZ to take down the SML service OUTSIDE business hours, from today 26.09.2014 until at least next Friday (3.10.2014).

This means the SML service is shutdown today, Friday 26.9.2014 at 21:00 CEST.


The SML will be available again next week from Monday 29.9.2014 until Friday 3.10.2014 every day from 9:00 to 17:00 CEST (during active monitoring times). Between 17:00 and 9:00 CEST the following day, the SML service will be down.

This means that registration, modification and deletion of PEPPOL participants and PEPPOL SMPs (publishers) is only possible Mo-Fr from 9:00-17:00 CEST.

This effects both SML and SMK (SML test version)

Important note: the DNS system is not effected. That means the exchange of business documents is possible at all times.

Until 3.10.2014 BRZ is supposed to provide a new system that is secured against this attack.
As of now (Friday evening) it cannot be 100% guaranteed that the new system will be ready on 3.10.2014 but we do everything we can so that it will be available.
At the date of transitioning to the new system, there will be an additional 1 hour downtime to migrate the data from the old system to the new system. You will be notified of that additional downtime separately.
30/09/2014
19/20.5.2014 Maintenance work to all PEPPOL DNS servers

Schedule:

- Monday 19.5.2014, 17:00 – 23:00 CEST: Software upgrade of Secondary Slave DNS (cna-gdwi-2.cna.at)

- Tuesday 20.5.2014, 17:00 – 23:00 CEST: Software upgrade of Master DNS (cna-gdwi-0.cna.at) – no modifications possible!

The goal of this maintenance is to install patches and update RAID controller firmware of BRZ DNS servers.

Consequences and details:

- Tuesday, June 20th from 17:00-23:00 CEST no registration of new participants (or any other DNS modification) will be possible

- All PEPPOL DNS entries are readable on all servers not under maintenance
- Service providers don’t need to take special test actions.
- During the time of the maintenance the transmission of documents MAY be limited if a non-standard DNS-configuration is used.


At least one DNS server (“cna-gdwi-0.cna.at” or “cna-gdwi-2.cna.at”) will be up for reading DNS entries during the whole time of the maintenances, so we’re NOT expecting any troubles with document transmission.

All Service Providers should:

- Check that they are using the Hostnames of the DNS servers to query them, and NOT the IP addresses, as they may change without further notice
- Use the Server “cna-gdwi-0.cna.at” as the master querying server

8.4.2014 START/Validation Due to interoperability issues with the START protocol when receiving Access Points reject messages this action is agreed by all PEPPOL Authorities concerning Validation of payload. APs must not validate the incoming document and reject the document at the protocol level. To ensure the transfer of valid documents and reduce the support tasks the validation should be implemented in the process as early as possible.  It is strongly recommended that all the sending APs do validation and this approach will be further adopted in the PEPPOL TIA. To facilitate the handling of later validation by APs the “Message Level Response” profile can be part of the solution.

 

Ongoing
8.4.2014 OpenSSL A security issue concerning OpenSSL (TLS heartbeat) that may compromise confidentiality of SSL encryption has been published: http://www.openssl.org/news/vulnerabilities.html

OpenPEPPOL Service Provides running Access Point Services using OpenSSL certificates may be affected.

OpenPEPPOL Service Provides running Access Point Services using OpenSSL certificates are requested to verify the issue and take the necessary steps to resolve it.

 

Ongoing

10.9.2013

12.9.2013

17.9.2013

SML

SML service operation notice

An upgrade to a new BIND version of all BRZ (PEPPOL) DNS servers will take place according to the following schedule:

- 10.9.2013, 17:00 – 23:00 CEST: Upgrade of Secondary Slave DNS (cna-gdwi-2.cna.at)

- 12.9.2013, 7:00 – 12:00 CEST: Upgrade of Primary Slave DNS (cna-gdwi-1.cna.at)

- 17.9.2013, 17:00 – 23:00 CEST: Upgrade of Master DNS (cna-gdwi-0.cna.at) – no modifications possible

The goal of this maintenance is to migrate the BRZ DNS servers (one by one) to a new BIND version (v9.9)

To all Service Providers:

1. Check that they are using the Hostnames of the DNS servers to query them, and NOT the IP addresses, as they may change without further notice

2. Use the Server “cna-gdwi-0.cna.at” as the master querying server


Contact us via email at: sml-support@peppol.at

To be completed 17.9.2013
30.5.2013 BusDox Discrepancies between BusDox specifications and current implementations of services

Download document for details and status.

 

Ongoing
22.05.2013
Time 12:30
SML SML maintenance notice:

On Saturday May 25th, 2013 a maintenance of the BRZ (PEPPOL) DNS servers will take place.
The maintenance is scheduled between 9:00 and 13:00 CEST.
The goal of this maintenance is to migrate the PEPPOL DNS zone “peppolcentral.org” to a different primary DNS server.
carmen.ciciriello@peppol.no 25.05.2013
19.04.2013 SML

DNS maintenance, according to plan - PEPPOL participants not to be effected.


SML service operation notice:
On Saturday April 20th, 2013 a maintenance of the BRZ DNS servers will take place. The maintenance is scheduled between 9:00 and 13:00 CET.
The goal of this maintenance is to perform a hardware upgrade on one of our DNS servers (not the primary one for PEPPOL).
This upgrade is not meant to effect the PEPPOL infrastructure in any way. SML will not be effected.

carmen.ciciriello@peppol.no 19.04.2013
16-03-2017 SML

We have been reported problems related with SMP administation of SML

 

The issues are traced this to be related to authentication in the SML application. CEF is working to fix this issue.

 

Functionality affected: Adding and removing participants.


16-03-2017 - issue resolved.
Document Actions