Send and Receive Files with the AS2 Connector
The AS2 Connector in Arc makes it easy to send/receive with your trading partners. There are three main steps required to get started using the application:
Configure Your Personal Profile
The first thing that you'll want to do is to configure your own AS2 profile. Your AS2 profile defines important information used to identify you with your trading partners. Select the Profile menu item to get started configuring your profile.
The Profile selection contains everything that is relevant to your identity in an AS2 exchange. It also contains global settings that can be used by multiple connectors. There are a number of settings available for various configurations, however, the majority are optional. To get started you will need to specify the following:
- AS2 Identifier
- Public Domain
- Personal Certificate
- Receive URL
You can make it easy for your trading partners to obtain your public certificate and application URLs by selecting the option to publish your profile.
AS2 Identifier
Identifies the partner in an AS2 transmission, similar to an email address in an email exchange.
Set the AS2 Identifier to a value that has meaning to you or your organization, for example, your company name or department name. The AS2 Identifier for the test profile is "TestAS2".
The AS2 Identifier indicates who the transmissions are coming from: The value that you set here will be sent in the headers of AS2 transmissions that you initiate.
The AS2 Identifier is one piece of information that you will give your trading partner when exchanging profile information. Your partners will use this value to load the settings for your profile, so they can process your requests.
Public Domain
Defines the public domain name or IP address where your server can be reached.
When you specify the public domain, Arc calculates the URLs used for receiving AS2 transactions and MDN responses.
You will need to work with your network administrator to determine what value to provide here — this will be the domain name or IP address that can be used to reach this machine from outside of your local network.
You must ensure that your network is publicly accessible. Arc cannot detect the public domain name or perform any network configuration.
Personal Certificate
Signs outgoing messages to your trading partners and decrypts incoming transmissions. The AS2 Connector uses a private key certificate in PKCS#12 format (that is, a .pfx or .p12 file).
You can test your decryption and signing configuration with the private key certificate in the test profile, test.pfx, which is included in the installation package. Since this certificate is distributed with all downloads of this application, it is not secure, so you will want to replace the certificate with your own. You can use one of the following methods to select a certificate:
- Select Upload Certificate in the Private Certificate menu to select an existing certificate from disk.
- Create a new self-signed certificate using the Create Certificate button. This will create both a new private key certificate and a public key certificate (.cer file) with the same name.
Your public key certificate is not used by the application. It is used by your partner to encrypt messages to you.
Receiving URL
Defines the URL where you will receive new AS2 transmissions. This value will be generated for you based on the server that the application is running on and the Public Domain you have configured.
Note: This is not a value that you choose or one that is used in the application — instead, you would provide this to your trading partners as the address to connect to your solution. You may wish to test this URL with a browser from outside of your network to ensure that it is accessible (the response will contain XML, but you want to ensure that the browser does not encounter any errors).
Configure a Trading Partner
Typically trading partners will provide the specific settings required to connect to their AS2 endpoints. In Arc, you use these settings to configure an AS2 Connector for that partner. You can send files, manage connectors, and configure a connector for a new trading partner in the Connector section. A sample Test AS2 partner profile is included with the application for reference.
To add a new AS2 Connector, click the cogwheel button on the list of connectors and click Add Connector. In the resulting dialog, select AS2 in the Connector Type menu and enter a unique identifier for the connector.
To work with an existing connector, select the connector in the menu. Additional connector configuration can be configured through the Settings tab. Just as with the personal profile, most of the settings are optional. In most cases you will only configure the following fields for each trading partner:
- AS2 Identifier
- Partner URL
- Trading Partner Certificates
AS2 Identifier
The AS2 Identifier is the name that identifies your partner in an AS2 transmission, just like your AS2 Identifier identifies you. Your trading partner will provide you with their AS2 Identifier as part of their AS2 profile information.
When you send outgoing requests to your trading partner, the AS2 Identifier is used in the header of the request to indicate the recipient.
The AS2 Identifier of the self-test profile is "TestAS2", which is the same value that was configured in the personal profile. When outgoing requests are sent to this trading partner, a header in the request will indicate that the transmission is for "TestAS2". If you have changed the value of the AS2 Identifier in the wish to configure a new self-test profile, provide the same AS2 Identifier that you configured in the Profile->Settings section.
Note that this value is case sensitive, so when configuring new trading partners be sure to check the casing is correct.
Partner URL
The Partner URL is where your trading partner receives AS2 transmissions. This value must be unique for each trading partner.
When receiving a URL from your trading partner, test your partner's URL using a Web browser to quickly determine if the address is accessible. This is a good way to see if there are any network issues to be resolved before connectivity can take place.
The self-test URL is "http://localhost:8001/pub/Receive.rsb" and conforms to the URL scheme that you saw as the Receiving URL in your personal profile. Localhost is a loopback address that translates to the local machine, so you can use it in place of your public domain or IP address but only for requests that originate on the machine.
In place of localhost, you can also use the public domain from the Profile -> Settings -> Public Domain field to reach the Receiving URL. This will route the request outside of your local network, and you can use this to check your network configuration settings to make sure the request can reach the application through your firewall.
When receiving a URL from your trading partner, use a Web browser to test your partner's URL to quickly determine if the address is accessible. This is a good way to see if there are any network issues to be resolved before connectivity can take place.
In some cases, your trading partner may send you more than one URL, a Receiving URL and a URL for receiving asynchronous MDNs. If this is the case, you only need to configure the Receiving URL; if a separate URL is needed to return MDNs to, it will be sent in the AS2 transmission and Arc will read it from there.
Note: Even after you have changed your personal profile settings, the receiving URL for the application will not change unless you change the server to use a different connector.
Trading Partner Certificates
Configure one or more digital certificates for each trading partner. Each trading partner will provide the certificates required for communication with their servers. Arc accepts X.509 public key certificates (files with .cer, .der, or .pem extensions).
If your trading partner provides you with one certificate, simply configure it in the Encryption Certificate field, and it will be used for all purposes. Otherwise, check with your trading partner to see which purpose each certificate is used for. Often, if your partner has acquired a certificate from a commercial certificate authority, your partner will provide you with all the certificates in the certificate chain, in addition to the public key certificate. In this case, it is only necessary to configure the leaf certificate (the last one issued in the chain).
In the Verification Certificate menu, you can specify an additional certificate to be used only for verifying signatures.
There is only one certificate configured in the test profile, a "test.cer" file provided with the application, which corresponds to the "test.pfx" certificate that was configured in the personal profile. If you are reconfiguring your self-test profile and you used the certificate creation utility to create a certificate for your personal profile, select the public key certificate (.cer file) that was generated alongside your private key in the Encryption Certificate property.
Send and Receive Files
After configuring your personal profile and a trading partner you can begin to send and receive files securely over the Internet. The Send tab lists those files that are available to upload to each partner. If you have not configured an AS2 partner, you can create a simple AS2 self-test profile as a reference using the same AS2 Identifier from your AS2 profile and using your Receiving URL.
Send Documents
On the Send tab, you can select and send documents to your trading partners. After successfully sending documents to your trading partners, you can configure the application so that files placed in the outgoing folder are sent automatically to this trading partner.
The outgoing folder is highlighted on the Send tab. This folder is determined automatically when the trading partner profile is first created, but the location of this folder is configurable in the paid version of the application in the Partners->Advanced section of the application.
When you first configure a new trading partner profile, you can use the Send selection to test the sending of new AS2 transmissions to your trading partner to make sure that your profiles are configured correctly and a connection can be established. To do this:
- Click Create Test Files to create a series of test files to be sent to the trading partner.
- Select one of the newly created files and click Send.
After you have sent a file to your trading partner, you will see the status of the transmission above the table. If the transmission was successful, the status will be displayed in green; otherwise you will see an error message in red containing the details of the transmission. The table will also be updated to include log files for the transmission.
Expand the entry for the received file to view the log files associated with the transmission. Select the link for the file itself to download a copy of the file from the application.
If you are using the self-test profile, you will also receive the file that you just sent. Select the Receive tab to view the received file.
View Received Messages
On the Receive tab, you can view any incoming messages that have been received from the selected trading partner. You can expand the entry to display a list of the available logs for each transmission.
Exchange Messages
Files that you send and receive are handled independently. Making sure that you are able to successfully send files to your trading partner and that you are able to successfully receive files from your trading partner are two separate tasks.
Need a Refresher on AS2?
If you're newer to AS2 and want a refresher on how it works, take a look at our complete guide to the AS2 protocol.
Learn More About AS2Ready to get started?
Use Arc's free 30-day trial to start building your own custom workflows today: