Create an *AS2 sender profile

In order to send data to a partner, an AS2 sending profile is required for each partner. All sender specific AS2 details being necessary for AS2 communication towards the partner are filed in this profile.
To reach the menu where an AS2 sending profile can be added, select menu item 52 in the i-effect main menu. A list of existing communication profiles will appear.
Press F6 to call up the menu where a new communication profile can be added. Then, select AS2 communication using option number 1 in the corresponding choice box. In the following menu, please select *SEND.

The following display will appear:

The following parameters can be configured:

Name/IP:	Enter the IP number or the DNS hostname of the partner's AS2 server.
TCP/IP port:	Enter the port number of the partner's AS2 server.
Path for Inbound MDN	If necessary, define a different IFS directory in which MDN files of inbound MDNs are stored.

This parameter allows IFS directories only.

Path for Sent Headers

The default IFS path in which header data of sent AS2 messages is stored. If necessary, define a different IFS directory.

This parameter allows IFS directories only.

AS2-TO (Recipient ID)

Enter the communication partner's AS2 ID. This ID is distinct for every partner and must be communicated to you by the partner. Most often, this ID is the partner's GLN (Global Location Number). Via this ID, a clear partner assignment is achieved in i-effect when receiving AS2 messages.

AS2 Encryption Alias

The AS2 encryption alias determines the partner certificate's entry in the keystore. The certificate is the communication partner's public key and must be communicated to you by the partner. It serves to digitally encrypt the message. The recipient needs his private key to encrypt the messages. How to import a certificate into the keystore is described in Chapter 12 "Additional Graphical Applications".

AS2 Encryption Algorithm

This parameter determines if encryption for AS2 messages is required.

*NONE

No encryption.

The AS2 message is not encrypted.

*TRIPLEDES

The message is encrypted by a Triple-DES encryption.

The Data Encryption Standard (DES)

is a widespread symmetric encryption algorithm with a key length of 3DES (=168 bits), which is three times as much as with DES encryption (=56 bits).

MDN Request

This parameter determines if and how a MDN is requested. Usually, the partner informs about the expected setting.

Three values are possible:

*SYNCH	An MDN will be requested when the AS2 message is sent, which should be received shortly after the transmission of the message. It is sent back by the recipient via the EXISTING connection.
*ASYNCH	An MDN is requested but is received with a time delay after the transmission of the AS2 message. It is sent back by the recipient via a NEW connection.
*NONE	MDN is not requested.

MDN Signature

The parameter "MDN Signature" defines the algorithm that the recipient of an AS2 message must use to sign the MDN. Note that if sent AS2 messages are signed with the SHA1 algorithm, the recipient must sign the MDN with the SHA1 algorithm, too. Option *MD5 in this parameter will be ignored in this case. Only if an AS2 messages is sent unsigned, an option must be selected.

*MD5	The requested MDN must be signed by a MD5 algorithm.
*SHA1	The requested MDN must be signed by a SHA1 algorithm.

MDN Protocol

Define the protocol that is to be used to send back an asynchronous MDN. This value is only relevant concerning asynchronous MDNs because synchronous MDNs use the existing connection, and therefore the protocol by which the AS2 message is transmitted.

Possible values are:

*SERVER	Default value. The MDN is sent to your system's AS2 server defined for receiving asynchronous MDNs. This server must be created beforehand. How to create an AS2 server is described in this chapter "Create an AS2 Reception Profile".
*SMTP	The MDN is sent back per SMPT (email) to the AS2 sender email address defined in menu 80. Please note that this way of transmission is rarely used.

Connection Timeout

The AS2 client waits until the set time has expired before connecting to a remote host (partner's server). If establishing a connection to the server fails after the indicated time (in seconds) has expired, the sending process will be canceled. After the set time in parameter "Send Retry Pause" has expired, the sending process will be repeated.

Recommended value: 120 seconds.

Receive Timeout

After a connection to the partner's server has been established and data has been transmitted, the AS2 client waits until the set time has expired to receive an OK from the partner's server (HTTP status code 200). If the required OK is not received within the set time, the *AS2 module will send a timeout error notification. Regrettably, there is no general rule for the time to be set, only experience may help to determine this value.

Recommended value: 120 seconds.

Content Type

Determine the AS2 message's type of content

Possible values:

*CONSENT	The AS2 message contains EDI files in none of the following formats (application/edi-consent).
*EDIFACT	The AS2 message contains data in the EDIFACT format (application/EDIFACT).
*X12	The AS2 message contains data in the X12 format (application/EDI-X12).
*XML	The AS2 message contains data in the XML format (text/xml).
*BINARY	The AS2 message contains binary data (application/octect-stream).
*FRMFILE	The type of content is identified by the file extension of the input file (.edi = application/EDIFACT). Using FRMFILE for DB2 files, the content type is always BINARY (application/octect-stream) because DB2 does not have typical file extensions.

Bodypart Type

Determine if one or more files are transmitted with the AS2 message.

Possible values:

*SINGLE	Default value. One file is transmitted with the AS2 transmission.
*MULTI	Several files are transmitted with the AS2 transmission.

The transmission of several files is not supported in the current *AS2 version. Please use the value *SINGLE for every transmission.

Proxy Server

If using a Proxy server for AS2 communication is desired, parameters to be applied can be defined here.

Possible parameters:

Host name/IP	Enter the IP address or DNS name.
TCP/IP Port	Enter the TCP/IP port.
User ID	Enter (if required) the authorized user's ID.
Password	Enter (if required) the authorized user's password.

SSL

This parameter defines the protocol to be used. Determine if AS2 communication is to be established via SSL/HTTPS (Secure Socket Layer) or standard HTTP.

*YES	Yes, the connection is established via SSL/HTTPS
*NO	No, the connection is established via standard HTTP.

Import Untrustworthy Certificates

Enter the value *YES into this parameter to automatically import server certificates that do not exist in the keystore via a HTTP (SSL/TLS) connection. In this case, be aware of the fact that every server connected with HTTPS and whose certificate does not exist in the key store is trusted.

If the value *NO is entered into this parameter and the certificate of the server to connect with does not exist in the keystore, the connection will automatically be closed. It is correct to abort the connection because the server's identity cannot be verified due to the missing certificate in the keystore.

*YES	Yes, untrustworthy client certificates are automatically imported.
*NO	No, untrustworthy client certificates are not automatically imported.

Use Client Authentication?

Determine if the AS2 client must authenticate with an X.509 certificate when establishing a connection to the partner's server. Using the value *YES for the "SSL" parameter, the partner's AS2 server will accept the incoming connection only in the case of successful verification of the certificate sent by the client. If not, the established connection will be closed failing identification as authorized partner trying to send an AS2 message to the server.

*AUTO	Default setting. Automatic verification if client authentication is requested from the server when connecting (SSL Handshake). If so, the corresponding certificate will be transmitted to the server, if possible.
*YES	Yes, client authentication is used. This setting is valid for every connection establishment. Servers not using client authentication cause an error. Consequently, the connection will be closed.

The partner should explicitly state if this form of SSL authentication is required.

Please note that this form of SSL authentication is requested by only a few servers and is generally not common on the Internet.

SSL Connection Certificate	By using the value *YES in the "Use Client Authentication ?" parameter, the name of key pair containing your public key (the certificate) can be entered. This certificate is transmitted to the server when sending AS2 messages. Of course, it must exist in the partner's AS2 server keystore before establishing a connection.
Description	A short description of the AS2 sending profile can be created here. This field has only a descriptive character, its content is arbitrary.