OS4X AS2

From OS4X
Revision as of 10:49, 30 September 2020 by Admin

The OS4X AS2 functionality is an add-on to the existing solution. The add-on does not limit the number of partners you use: the partner count is the sum of OFTP2 and AS2 partners (you don't need to separate them into different licenses). The functionality of OS4X Enterprise is also unchanged: the AS2 integration is transparent to users of OS4X.

Partner definition

When editing an AS2 partner, the administrative interface reacts dynamically to your installed license. If AS2 is licensed, the interface offers "AS2" as a selectable protocol when editing a partner. When adding a partner, first fill out at least the shortname, save, then edit this entry. This is necessary because no primary key exists yet when an AS2 partner is edited for the first time.

The configuration fields are self-explanatory:

  • Partner AS2 station ID: this is the AS2 identification of the remote party
  • My AS2 station ID: your own station ID for this partner configuration. OS4X AS2 is multi-client capable.
  • Upload URL: http or https URL for sending files.
  • Message subject: optional subject of HTTP message sent to the partner
  • Ignore certificate chain: If enabled, OS4X ignores certificate chain errors (during encryption or signature verification)
  • Block "Receiving data from partner": defines how to react to received data.
    • Partner sign certificate: certificate file (PEM or DER encoded files are supported). This certificate is used to verify signatures of files or signed MDNs from the partner.
    • My decrypt certificate: certificate file (PEM or DER encoded files are supported incl. unprotected private key). This certificate and key file is used to decrypt files that your partner sends in encrypted form.
    • Use MDN algorithm description by partner: If the remote partner requests a hashing algorithm which is not defined in the AS2 specification, use this value.
  • Block "Sending data to partner": how to send files to the partner.
    • Partner encrypt certificate and algorithm: certificate file (PEM or DER encoded files are supported). Outgoing files are encrypted on the fly with the given certificate and the configured algorithm.
    • My sign certificate: certificate file (PEM or DER encoded files are supported incl. unprotected private key). This certificate and key file is used for signing the message with the configured algorithm.
    • Request signed MDN: activate this checkbox if you wish to receive back a signed MDN, if possible. This is just a humble request, not a requirement according to the specification.
    • Disable HTTP proxy: When initiating an AS2 connection, the configured HTTP proxy is used by default. If this checkbox is enabled, the request is made directly (without a proxy).
    • Request async MDN: if you wish to have the MDN received in an asynchronous process (not during the sending process), activate this checkbox.
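
A preflight check for the certificate files described in the list above, as an added example that is not OS4X code: it classifies a file as PEM or DER and, for PEM, reports whether it carries a certificate and an unprotected or passphrase-protected private key. The role names, function names and sample data are assumptions made for this example, as is treating a passphrase-protected key as a problem (the page mentions only unprotected keys).

```python
import re

# One PEM object: BEGIN line, optional headers and base64 body, matching END line.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def classify(data: bytes) -> dict:
    """Report encoding, certificate count and private-key state of a file."""
    blocks = PEM_BLOCK.findall(data.decode("latin-1"))
    if not blocks:
        # DER is binary ASN.1; a certificate or key starts with SEQUENCE (0x30).
        enc = "DER" if data[:1] == b"\x30" else "unknown"
        return {"encoding": enc, "certs": None, "key": None}
    certs, key = 0, "absent"
    for label, body in blocks:
        if label == "CERTIFICATE":
            certs += 1
        elif label == "ENCRYPTED PRIVATE KEY" or (
                label.endswith("PRIVATE KEY") and "Proc-Type: 4,ENCRYPTED" in body):
            key = "protected"      # PKCS#8 encrypted, or legacy PEM encryption header
        elif label.endswith("PRIVATE KEY"):
            key = "unprotected"
    return {"encoding": "PEM", "certs": certs, "key": key}

def problems(role: str, data: bytes) -> list:
    """role (hypothetical): 'partner' = partner sign/encrypt, 'own' = my sign/decrypt."""
    info, out = classify(data), []
    if info["encoding"] == "unknown":
        return ["neither PEM nor DER"]
    if info["encoding"] == "DER":
        return []                  # single binary object; contents not inspected here
    if info["certs"] == 0:
        out.append("no certificate in file")
    if role == "partner" and info["key"] != "absent":
        out.append("partner file contains a private key")
    if role == "own" and info["key"] == "absent":
        out.append("no private key in file")
    if role == "own" and info["key"] == "protected":
        out.append("private key is passphrase-protected")
    return out

# Constructed samples: the bodies are placeholders, not real key material.
CERT = b"-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"
KEY = b"-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n"
ENC_KEY = (b"-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
           b"DEK-Info: AES-256-CBC,00\n\nAAAA\n-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    for role, blob in (("partner", CERT + KEY), ("own", CERT + ENC_KEY)):
        print(role, problems(role, blob))
```

Because the "My sign" and "My decrypt" files hold an unencrypted private key, keep them readable only by the account that runs OS4X.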

Sending files

Files are sent via AS2 through the send queue mechanism. The send queue daemon must be running in order to transmit files via AS2 automatically. The enqueueing binary identifies the file as an AS2 file and issues the required transmission. All mechanisms (like the sleep time between two sending failures) are included in the AS2 sending mechanism, so you benefit from a solid basis. The events for end send and xERP will be executed according to their outcome. All situations will be logged in the send log and event log.

Receiving files

A separate AS2 receiving daemon handles incoming AS2 HTTP(S) connections. You can verify this under "Programs" -> "Daemons".

Multiple processes are started:

  • os4x_as2_master: The master process which handles starting and stopping of the following daemons.
  • os4x_as2_http: Plain TCP/IP listener process for HTTP connections.
  • os4x_as2_https: Encrypted HTTPS listener process for HTTPS connections.

If needed, you can enable the optional column "Program" in the system log, send log and receive log to view which processes worked on which message. For incoming messages, the event end receive will be executed.

Debugging

When required, you can enable AS2 message debugging. The contained message log will help us analyze the format and interpretation of non-conforming messages.