Setting up an internal AS2 test

Body

Occasionally I have been asked how to set up a loopback test for AS2.  The intention is to set up a complete AS2 test, all on a single test instance of Sterling B2B Integrator.  Unfortunately, that is not possible to do.  You have to have both an Organization profile and a Partner profile to set up an AS2 relationship, and they cannot have the same identifier.  Actually you need two Organizations (one for sending, one for receiving) and two Partners (one for sending, one for receiving), so you would need four profiles that all have the same identifier.  It can’t be done on one instance.

 

It can be done between two instances.  However, it is very challenging to do this without a good plan, because you have to keep in mind all of the details for both instances.  Here’s what is needed to do this without unnecessary aggravation.  I am going to use a simple, straightforward configuration, with HTTP (no SSL), synchronous MDNs, a self-signed certificate, no perimeter servers, and a file system directory.  Once that is set up it is not difficult at all to add other functions or make configuration changes.

 

Each Sterling B2B Integrator instance needs the following components:

1. An HTTP Server Adapter
2. A system certificate , which is applied to the Organization profile.
3. A unique AS2 identifier, which is applied in the Organization profile.

Each instance will need the following information from the partner’s system:

1. The end point including the domain name or IP address, the port and the URI
2. The partner’s certificate which must be checked in as a Trusted certificate, and which will be applied in the Partner profile.
3. The partner’s AS2 identifier which will be applied in the Partner profile.

 

Some tips:

 

If your server names are distinctive, use it in every part of the configuration.  If you’re sending from system “Achilles” to system “Hector”, use the system name in the certificate and the identifier.

 

If your server names are not truly distinctive, for example you are setting up AS2 partners on servers called a11a1001 and a11a1002, then make up distinctive names for your partners and use the names of the partners for the identifiers and certificates.  Also do this if you have two instances of Sterling B2B Integrator on the same server.  Do NOT call one “sender” and one “receiver”, because every sender is also a receiver.  Note this is a test instance.  You can use any names you want.  You can also have some fun with it.  It’s much easier to remember details if you’re sending from JohnWayne to RoyRogers, or MarvelComics to DCComics, or Romeo to Juliet, than server1 to server2.

 

Use different browsers for connecting to the two instances.  I usually use Google Chrome for one, and Mozilla Firefox for the other.

 

I am a baseball fan.  I will use partner names of pitcher and catcher for my example.

My test instances are both on a server called “oxnard”.  All of the configuration information on oxnard:4300 will be called pitcher, and the data on oxnard:54500 will be called catcher.

 

1. First I set up my certificate, HTTP Server Adapter, and Organization for pitcher.

1. On oxnard:4300, I will create a self-signed certificate with the name pitcher included in it.  I always use the expiration date in my certificate name as well.

               My “pitcher” certificate is: pitcher_exp_December_22_2019

I set this up first.  I went to Trading Partner > Digital Certificates > System Certificates, and created a new certificate with that name.

I then checked it out and saved it to an accessible location.  I will need it when I set up catcher.

2. My “pitcher” end point will be: http://oxnard:4402/pitcher

I set that up 2^nd.  I went to Deployment > Services > Configuration, and created a new HTTP Server Adapter.  I used the default settings except as follows: I changed the setting for Port to 4402, made sure my perimeter server said “node1 & local”, set the Total Business Process Queue Depth Threshold to 10, set User Authentication to “No”, clicked on the Next buttons until I got to the URI screen, added a new URI called “/pitcher”, defined it to use a business process called EDINTParse, and set Send Raw Messages to “Yes”.

3. I can now set up my Organization.  To do it I go to Trading Partner > AS2, select Create New AS2 Partner or Organization, select Organization, select Create New Identity, and go to next.  I define the following parameters: Identity name: pitcher_id, AS2 identifier pitcher, profile name: pitcher_prof.

All together, it looks like this:

 

Note: I am not ready to set up the relationship yet because I haven’t set up the partner, and I haven’t set up the partner because I haven’t created the certificate yet for catcher.

2. Now I will set up my certificate, HTTP Server Adapter, and Organization for catcher.

1. On oxnard:54500, I will create a self-signed certificate with the name catcher included in it.  It’s called catcher_exp_December_22_2019.  I check out this certificate so I can import it for my pitcher instance.
2. My “catcher” end point will be: http://oxnard:4402/catcher which is set up the same way as pitcher.
3. I can now set up my Organization for catcher.  It looks very similar to pitcher.

 

 

 

 

 

 

 

 

 

 

I do have the certificate for pitcher, so I can go ahead and check it in, and create the partner profile.

4. I check in the certificate first, by going to Trading Partner > Digital Certificates > Trusted Certificates and checking it in.  I use the same name that I used on pitcher, which is pitcher_December_22_2019.
5. Then I can go to Trading Partner > AS2 and create a new partner for pitcher:

I’m going to use the same information I used to create the Organization on the pitcher instance: identity name: pitcher_id, identity: pitcher, and profile name: pitcher_prof.

As before, I use the default settings everywhere except where I specify a different parameter below:

The end point is: http://oxnard:4402/pitcher

I use a response timeout of 30

SSL is None

I select the certificate of pitcher_exp_December_22_2019 for the Exchange and Signing certificate fields.

I select the button next to MDN Receipt.

Then I click Save and Finish.  Here’s my pitcher profile on the catcher instance:

 

 

 

I can also create my relationship now on the catcher instance, I have all of the required configuration information at this point:

I go to Trading Partner > AS2 and create AS2 trading relationship:

I define Organization as catcher_ID

I define Partner as pitcher_id

And I use all defaults for all of the rest of the values.

 

I’m not quite ready to test this yet.  We haven’t finished setting up the pitcher side yet.

3. I go back to my pitcher instance now, and do the steps I outlined in part 2, steps d, e and f:

4. Check in the certificate, catcher_December_22_2019
5. Create a partner profile for catcher
6. Create a relationship to send data from pitcher to catcher

4. NOW I can test it from either side to the other.

There are two ways to do it:

1. Under Trading Partner > AS2, use the 4^th Go button to locate your relationship from either side, which will look like this:

 

 

 

Then click on the “info” button, and find the Collection folder.  Navigate to that folder or directory on your server, and put a file in it, and wait until it is sent.  When it is sent, you can go to Business Process > Monitor > Central Search, locate the process EDIINTParse, and see that it is successful:

2. Under Trading Partner > AS2, find the partner configuration or the relationship, and select the Test Now AS2 button.  The results will look like this:

 

There could be errors.  There is material elsewhere in our blogs on how to diagnose them.  If you need help, please open a PMR with the Support group.

If you set everything up correctly, though, both testing methods should work.