AS2 (Channel Settings)

Introduction: For a general introduction to AS2, see section AS2 with Lobster_data. There you will also find the URL of the AS2 service of Lobster_data.

See also: General Channel Settings, AS2 (Input Agent) and Response Route AS2.


The URL of the partner AS2 service must be entered as a partner address in an AS2 channel if outgoing data is allowed. The protocol can be HTTP or HTTPS because the AS2 protocol is transported within an HTTP envelope.


[Screenshot: AS2 channel settings, items (1) to (5)]


Note: For encryption and signing in general, please refer to the section Certificates.


(1) A local certificate (with private key) can be assigned to the channel here. This certificate is used to decrypt the incoming data encrypted by the partner. If no local certificate has been assigned under (3), it also serves to sign outgoing data.

Note: For AS2 over HTTPS, a client certificate may additionally be required for the outgoing HTTPS connection. The certificate in (1) is also used for this purpose. See also section Authentication by Client Certificate. The external server is allowed to use a self-signed certificate for HTTPS. The import of the server certificate as a partner certificate is not required.

(2) A partner certificate, i.e. the public part of a certificate of your partner, can be assigned to the channel here. This certificate is used to encrypt the data to be sent. If no partner certificate has been assigned under (3), it also serves to check the signature of received data.

(3) See (1) and (2).

(4) Specifies whether data sent from Lobster_data to the partner system will be signed and/or encrypted. The data is signed with the signature algorithm set in (6) and encrypted using the encryption algorithm set in (7).

(5) If set, Lobster_data rejects data that is not signed or encrypted. Attention: Even if option (5) is not set, a local certificate to decrypt the data or a partner certificate to check the signature must still be available when the partner sends encrypted or signed data. Otherwise, the message cannot be decrypted or its signature cannot be checked, although the message itself is not rejected.


[Screenshot: AS2 channel settings, items (6) to (10)]


(6) Determines which algorithm is used to sign data sent by Lobster_data. The setting is only effective if the checkbox Send signed (4) is set.

(7) Determines which algorithm is used to encrypt data sent by Lobster_data. The setting is only effective if the checkbox Send encrypted (4) is set.

(8) Here, you can define how the channel sends the MDN to the communication partner. Lobster_data offers the following possibilities.

  • System setting. The settings in configuration file ./etc/as2.xml are used.

  • Synchronous. A synchronous transmission of the MDN is used.

  • Asynchronous. An asynchronous transmission of the MDN is used. If no URL is defined in the configuration file ./etc/as2.xml, it must be specified in field MDN URL. An entry in the configuration file would look as follows.

    <Set name="defaultMDNAsynchronousURL">http://100.1.20.45:8080/partner/AS2Retrieve</Set>

(9) The algorithm by which the so-called digest of the MDN is calculated. A digest is a hash value of the sent message. The digest can be used to ensure that the MDN is actually referring to the sent message.

(10) Opens another dialogue, which can be used to determine how to react to various errors. See the following screenshot. The values set there should only be changed in exceptional cases.


[Screenshot: error handling dialogue, items (1) to (4)]


(1) The data is accepted and passed on for further processing (response code processed).

(2) The data is accepted but is not passed on for further processing (response code processed/error).

(3) The data is accepted and passed on for further processing, although something unforeseen has happened. Such a response can, for example, be given if the sender of the data could not be authenticated, but the data should still be processed (response code processed/warning).

(4) The data is not accepted (response code processed/failure).


Note: For the response codes see also section Comm-Log (Input Agent).
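
The digest check described under (9), sketched from the sender's side as an added example (not Lobster_data code): the sender keeps the digest of what it sent and compares it with the one the MDN reports. The header name Received-Content-MIC comes from RFC 4130; the function names, the sample payload and the sample MDN fields are constructed for illustration.

```python
import base64
import hashlib
import hmac
from email import message_from_string

# Accepted digest names (with and without hyphen) mapped to hashlib names.
MIC_ALGS = {"sha1": "sha1", "sha-1": "sha1", "sha256": "sha256",
            "sha-256": "sha256", "sha512": "sha512", "sha-512": "sha512"}

# Constructed sample: the exact bytes the digest is calculated over.
SENT_CONTENT = b"Content-Type: application/edi-x12\r\n\r\nISA*00*CONSTRUCTED~\r\n"


def compute_mic(content: bytes, alg: str) -> str:
    """Base64 digest of the sent content, kept by the sender until the MDN arrives."""
    return base64.b64encode(hashlib.new(MIC_ALGS[alg.lower()], content).digest()).decode()


def build_mdn_fields(content: bytes, alg: str) -> str:
    """Constructed stand-in for the partner: the MDN fields for `content`."""
    return ("Original-Message-ID: <constructed-1@example.invalid>\n"
            "Disposition: automatic-action/MDN-sent-automatically; processed\n"
            f"Received-Content-MIC: {compute_mic(content, alg)}, {alg}\n")


def check_mdn(mdn_fields: str, sent_content: bytes, expected_alg: str):
    """Return (ok, reason): does this MDN refer to the message that was sent?"""
    msg = message_from_string(mdn_fields)
    mic_header = msg.get("Received-Content-MIC")
    if not mic_header:
        return False, "MDN carries no Received-Content-MIC"
    mic_b64, _, alg = mic_header.partition(",")
    # An MDN answering with a different digest algorithm is not accepted.
    if MIC_ALGS.get(alg.strip().lower()) != MIC_ALGS[expected_alg.lower()]:
        return False, "MDN digest algorithm differs from the configured one"
    ours = compute_mic(sent_content, expected_alg)
    # Constant-time comparison of the two base64 digests.
    if not hmac.compare_digest(ours.encode(), mic_b64.strip().encode()):
        return False, "digest mismatch: MDN does not refer to the sent message"
    return True, "digest matches"


if __name__ == "__main__":
    mdn = build_mdn_fields(SENT_CONTENT, "sha256")
    print(check_mdn(mdn, SENT_CONTENT, "sha256"))
    print(check_mdn(mdn, SENT_CONTENT + b"tampered", "sha256"))
```
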