Difference between revisions of "OFTP2 - John Deere"

From OS4X
Jump to navigation Jump to search
 
Line 1: Line 1:
 
= Version history =
 
= Version history =
 
*2018-02-18: First writing of this document
 
*2018-02-18: First writing of this document
 +
*2021-08-11: Updated to latest version
 
This document refers to information received from our customers. The mentioned certificate is valid since 1st of March 2017 and will expire at 19th of April 2019.
 
This document refers to information received from our customers. The mentioned certificate is valid since 1st of March 2017 and will expire at 19th of April 2019.
  
Line 10: Line 11:
 
= Identify the correct certificate =
 
= Identify the correct certificate =
 
You must have received the certificate from John Deere via another medium, such as email. A known package is the file
 
You must have received the certificate from John Deere via another medium, such as email. A known package is the file
  JOHNDEEREPARTNERPACKAGEOFT.zip
+
  JOHNDEEREOFTP-230421-ZIP.zip
 
Which contains the following files:
 
Which contains the following files:
  John_Deere_new_certificate_04_04_2017.txt
+
  John_Deere_new_certificate_13_04_2021.txt
 
  JohnDeere-Parameter.txt
 
  JohnDeere-Parameter.txt
  '''JohnDeere190419.cer'''
+
  '''JohnDeere230421.cer'''
 
  ODETTE Root.cer
 
  ODETTE Root.cer
 
  ODETTESHA2IssuingCA.cer
 
  ODETTESHA2IssuingCA.cer
  
The certificate file "JohnDeere190419.cer" is what you need, since this is the end-certificate of the whole chain.
+
The certificate file "JohnDeere230421.cer" is what you need, since this is the end-certificate of the whole chain.
  
 
= Configure certificate at partner =
 
= Configure certificate at partner =
Line 34: Line 35:
 
[[File:Google ChromeScreenSnapz470.png]]
 
[[File:Google ChromeScreenSnapz470.png]]
  
Click on the button "Upload certificate" and select the identified certificate file "JohnDeere190419.cer". Afterwards, everything is configured well and your OFTP2 configuration is waiting for a first transmission test.
+
Click on the button "Upload certificate" and select the identified certificate file "JohnDeere230421.cer". Afterwards, everything is configured well and your OFTP2 configuration is waiting for a first transmission test.
  
 
[[Category:Best practice]]
 
[[Category:Best practice]]

Latest revision as of 11:26, 11 August 2021

Version history

  • 2018-02-18: First writing of this document
  • 2021-08-11: Updated to latest version

This document refers to information received from our customers. The mentioned certificate is valid since 1st of March 2017 and will expire at 19th of April 2019.

Background

John Deere uses for its OFTP2 file exchange service different certificates for TLS and OFTP2 internal security (secure authentification, file encryption and file signing). This way, you cannot use the easy-to-use-mechanism of downloading the certificate from the TLS server for all services. Starting with OS4X 2018-02-19, the following error message will appear when you try to do so:

Google ChromeScreenSnapz468.png

Identify the correct certificate

You must have received the certificate from John Deere via another medium, such as email. A known package is the file

JOHNDEEREOFTP-230421-ZIP.zip

Which contains the following files:

John_Deere_new_certificate_13_04_2021.txt
JohnDeere-Parameter.txt
JohnDeere230421.cer
ODETTE Root.cer
ODETTESHA2IssuingCA.cer

The certificate file "JohnDeere230421.cer" is what you need, since this is the end-certificate of the whole chain.

Configure certificate at partner

When editing the partner, click on "Configure" beside the "OFTP2" protocol setting:

Google ChromeScreenSnapz469.png

Select "AES256 SHA1" as cipher suite for all services. Afterwards, activate the following services:

  • Enable file signing
  • Enable file encryption
  • Enable secure authentification

The field at the right of the checkboxes displays that certificate information are missing:

Google ChromeScreenSnapz470.png

Click on the button "Upload certificate" and select the identified certificate file "JohnDeere230421.cer". Afterwards, everything is configured well and your OFTP2 configuration is waiting for a first transmission test.