Documente Academic
Documente Profesional
Documente Cultură
Version 2 Release 5
Purpose
This manual provides a brief guide to the installation and configuration of
Spazio MFT/S AS2 Connector for Distributed Platforms. It starts by
providing an overview of the various Spazio MFT/S configuration files that
must be configured to run AS2 Connector, and a description of the
parameters that they contain. The chapters that follow provide a detailed
description of the configuration and the parameters for the configuration
files.
You are recommended to use this manual as a reference during
installation/configuration.
Reader
This manual is provided for Spazio system administrators. Typically these
persons will be either experienced System Programmers or experienced
software developers.
It is assumed that the reader has a broad knowledge of computer systems.
Mainframe, UNIX, Windows and other operating system experience will help
in understanding this manual, but is not essential.
Related Publications
A comprehensive suite of manuals is provided to support the implementation
and usage of SPAZIO MFT/S.
These manuals are divided into three categories:
z/OS - manuals for the z/OS Mainframe platform
Distributed platforms - manuals for non-Mainframe platforms including
SPAZIO workstation
General - manuals for both the Mainframe and non-Mainframe platforms.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 i
About this manual
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
ii EMAFTM091/06
Table of Contents
Chapter 2 Installation 21
2.1 Post installation tasks 21
2.1.1 Creation of working folder for Spazio MFT/S AS2 Connector 21
2.1.2 Creation of Spazio MFT/S AS2 Connector Persistency Tables in
RDBMS 22
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 iii
Table of Contents
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
iv EMAFTM091/06
Chapter 1 Overview and concepts
1.1 Introduction
From version 2.3.4 onwards Spazio MFT/S supports a new Java based
runtime framework for transports and server extensions (sometimes collectively
referred to as transports) called SPXP.
SPXP is a transport container which can host several transport protocols and
transport instances.
Although SPXP has its own configuration files and paradigm, from a runtime
and functional perspective it is fully integrated with Spazio MFT/S core.
Spazio MFT/S AS2 Connectoris an optional component of the SPXP runtime
that delivers support for AS2 protocol as defined in the RFC-4130.
Knowledge of the Spazio MFT/S product and in particular of the SPXP
transport framework is a requirement for reading this manual. For further
information please refer to Spazio MFT/S documentation and in particular to
the SPAZIO MFT/S for Distributed Platforms: SPXP Transports manual.
In addition, knowledge of the AS2 protocolstandard is a requirement for
reading this book. For further information on AS2 please refer to theofficial
AS2 protocol documentation as RFC-4130 and addendum.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 1
Overview and concepts
The current AS2 specification and the AS2 community have a major focus on
interoperability, to ensure the smooth possibility for different As2 compliant
software to exchange documents without any conflicts or problems.
Many concepts are behind the global AS2 protocol, the most important are:
Message Disposition Notification (MDN)
Security
Optional profiles
MDN
The Message Disposition Notification (MDN) is the acknowledgment sent in
response to an AS2 message. If an MDN is enabled, the AS2 transmission is
not complete until the MDN has been received and verified.
The MDN provides verification of the following:
That the original message was successfully received by the receiving
party, by sending back the MessageID of the original sent message.
That the integrity of the data exchanged was verified by the receiving
partner, by sending back the MIC calculated by the receiver on the
message.
That there is a non-repudiation of receipt.
Secure transfer
AS2 offers options for security ranging from sending data over a secure
connection (HTTP/S) to package encryption (using a digital certificate to
completely encrypt the business document). A document also can be digitally
signed, letting a receiver be confident the document is valid. Even the MDN
can be encrypted and signed, as required from the sender.
Optional profiles
The optional profiles define extensions of the AS2 protocol that can be
optionally implemented by different software, following clearly defined
specifications, however, in order to guarantee interoperability between
products that support the same optional profile.
Currently the optional profiles (OPs) are:
Certificate Exchange Messaging (CEM)
Multiple Attachments (MA)
Filename Preservation
AS2 Reliability
Chunked Transfer Encoding
AS2 Restart for Very Large Messages
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
2 EMAFTM091/06
Overview and concepts
Spazio MFT/S AS2 Connector implements some of the optional profiles, and
in a different way for the Client and the Server parts of the connector.
For example, the Multiple Attachments profile is fully supported by the Server
(which can receive an AS2 message with multiple files sent as come
attachments and insert them in a Spazio queue) while it is not supported by
the Client part (because in Spazio each file travels as a separate message and
therefore there is no native aggregation policy).
The following is a list of optional profiles that are supported by the current
version of the Spazio AS2 connector, divided by server-side and client-side
support.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 3
Overview and concepts
Optionally
saved MDN
Figure 1
Spazio MFT/S server plays the role of an AS2client and sends files to a
remote AS2 Server. Based on the configuration parameters, selected files
belonging to Spazio MFT/S remote queues will be sent to a target AS2
destination (AS2 Server) using the AS2 protocol.
Spazio MFT/S submits singleton file transfers, i.e. file transfers having just
one file member.
In addition Spazio MFT/S AS2 Connector includes a component for the
reception of asynchronous MDNs; in practice a HTTP/S server that listens on
a port defined in the configuration parameters manages the MDNs sent by
the remote AS2 servers in reply to the sending of the file by Spazio.
In this scenario one or more files are sent via AS2 to a remote recipient.
The files can embedded in the message as EDIData or as attachment of the
message itself. An ad hoc configuration parameter will tell the connector how
to manage the file.
When the file is sent, the necessary services (compression, encryption and
digital signature) are applied.
When the file is sent completely, it appears as complete from the MFT point
of view.
The MDN can be required or not, synchronous or asynchronous, and should
be in the correct format (encryption and digital signature) and through one of
the following channels: HTTP, HTTPS, SMTP.
Since when we act as client we are defining which kind of MDN we are
waiting for, we can assume as first implementation that we are not
supporting the request of a MDN via SMTP.
Main Use Cases:
Sending a file without MDN request
Sending a file with synchronous MDN request
Sending a file with asynchronous MDN request to be returned via HTTP
or HTTPS
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
4 EMAFTM091/06
Overview and concepts
Figure 2
Spazio MFT/S Server with AS2 Connector correctly configured plays the role
of an AS2 server, waiting for incoming messages from any AS2 remote client
and dispatching the files into a Spazio MFT/S queue.
The target queues used in this scenario may be remote and possibly
associated with a different transport protocol, effectively enabling the
support of multi-hopped file transfers with protocol switching.
In this scenario one or more files are received via AS2 from a remote partner.
Receiving queues can be selected based on the AS2-From field belonging to
the AS2 Remote Client. Therefore we could have only one receiving queue for
an AS2 Server or multiple receiving queues, one for each client that uses the
server.
When the file is received, the necessary services (decompression, decryption
and signature verification) are applied.
In case of MDN required, the appropriate MDN must be generated and
returned to the partner.
Also in this case, the entire cycle is seen from Governance.
Main Use Cases:
Receiving a file without MDN request
Receiving a file with synchronous MDN request
Receiving a file with asynchronous MDN request to be returned via
HTTP, HTTPS or SMTP.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 5
Overview and concepts
This module task is to extract a file from a Spazio remote queue and submit it
to a remote AS2 server.
The current implementation supports only single file sending, not the
Multiple Attach Optional Profile.
This module is based on the /nSoftware AS2 component, integrating it into
the SPXP environment.
It uses a RDBMS to store the information for the asynchronous MDN
reconciliation.
In the current release, the MDNs received in reply to the files sent can be
optionally stored in a Spazio local queue.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
6 EMAFTM091/06
Overview and concepts
The File Server and the MDN Receiver are both HTTP/S servers, and could
be a customer requirement that both of them work on the same port. So the
system is designed to be able to:
Do not have any HTTP/S server active
Have only one HTTP/S server acting as both File Server and MDN
Receiver
Have one or more File Servers and one or more MDN Receivers active on
different ports
Have one or more File Servers and no MDN Receivers active
Have no File Servers and one or more MDN Receivers active.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 7
Overview and concepts
The Embedded HTTP/S Servlet Container where AS2 File Server executes is
the same from the one used for the Master Push HTTP Server (MDN
Receiver) component, but different servlets are implementing the two
components since different behaviors are request.
The File Servers are capable of storing received files in a single default Spazio
queue, or can alternatively use multiple queues, dispatching received files
based on the field AS2-From policy.
Even the Server Transport needs to store information about the incoming
messages, for the Reliability implementation in a persistence repository.
Information about partner management is stored in this repository.
RDBMS storage
Both the Master Push and the Server components need to store long term
information on the transport, in particular the following data:
Authentication, encryption and signing certificates
Reconciliation of the files sent with return MDNs, Master Push side
Sending MDNs for files processed correctly by the back office, server side
Checking of multiple sends for the AS2 Reliability profile, through history
recording of the Message-IDs and MICs (Message Integrity Check) of the
messages already received
For this purpose the Spazio AS2 connector uses a RDBMS, saving all the data
required for implementing the necessary message traffic for AS2 Reliability in
a series of tables.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
8 EMAFTM091/06
Overview and concepts
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 9
Overview and concepts
The DSSP component provides services that implement these functions, and
the AS2 connector invokes those services with the necessary parameters,
obtained from the configuration files and in the dedicated RDBMS tables for
partner profiling.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
10 EMAFTM091/06
Overview and concepts
CEMResponse
The EDIINT Certificate Exchange Messaging (CEM) Response is one of
two possible CEM messages. It is the response to the CEM Request
indicating whether or not the end entity certificate present in the CEM
Request was accepted.
Certificate States
PENDING
Upon receiving a certificate from a trading partner, the certificate is
marked as PENDING until a decision can be made to trust it or if its
validity period has not yet begun.
REJECTED
If a pending certificate is not trusted, it is considered REJECTED.
ACCEPTED
Once a pending certificate has been trusted, it is considered ACCEPTED.
An accepted certificate may be used in secure transactions.
The AS2CEM command line has been introduced to manage the CEM
request/response functionality in Spazio MFT/S.
In addition, the AS2 server is able to receive CEM messages from the
counterpart at the following URLs:
http://SpazioAs2Server:8010/receiver?type=CEMRequest
http://SpazioAs2Server:8010/receiver?type=CEMResponse
Where server name, server port and servlet name are configurable through
properties; only the sentences ?type=CEMRequest or ?type=CEMResponse are
mandatory.
Received CEM messages are notified through an e-mail to the configured
account and the details are displayed using the AS2CEM LIST command.
Because of the number of parameters required by the AS2CEM command, it
is possible to use a mixed method of function configuration, based on
command-line parameters and property file parameters.
Sent and received CEM messages are stored in the Spazio AS2 database, to
keep track of the various CEM operations.
AS2CEM REQUEST
AS2CemRequest
Usage:
AS2CemRequest -flag Value
-r RequestId The RequestId of the outgoing CEMRequest
-f From The As2From identifier
-t To The As2To identifier
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 11
Overview and concepts
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
12 EMAFTM091/06
Overview and concepts
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 13
Overview and concepts
AS2CEM RESPONSE
AS2CemResponse
Usage:
AS2CemResponse -flag Value
-r RequestId The RequestId of the corresponding CEMRequest
-f From The As2From identifier
-t To The As2To identifier
-a CertAccept Acceptance for every certificate (one or more delimited by ;)
-T TransportDomain AS2 Transport Domain
-N Name SpazioAS2 configuration property name
-d DatabaseUrl SpazioAS2 database URL
-D DatabaseDriver SpazioAS2 database driver
-l LogPath Logfile directory
-c ConfigFile CEMResponse configuration property file path
AS2 jar version : 9.0.0.5365
... all done
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
14 EMAFTM091/06
Overview and concepts
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 15
Overview and concepts
AS2CEM LIST
AS2CemList
Usage:
PrintType specification:
DETAIL Display data related to a specific
RequestId + From + To
LIST Display list of data related to a
specific From, To, CEMType,
Direction, Status
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
16 EMAFTM091/06
Overview and concepts
The following example illustrates a sample of CEM list with the command:
AS2CEM LIST-T LIST -c $SPAZIO/cfg/CemList.properties.sample
Note that some parameters are provided from the command line.
The output of the above command should be like the following:
-------------------------------------------------------------------------------------
14 RequestId_001 SpazioAS2CounterpartAS2 REQUEST OUTGOING ACCEPTED
CN=AS2 Test Sending Organization - 01 - [C:/spazio/CERT/client.new1.cer]
14 RequestId_001 SpazioAS2CounterpartAS2 REQUEST OUTGOING REJECTED
Bad certificate
CN=AS2 Test Receiving Organization - 01 - [C:/spazio/CERT/client.new2.cer]
15 CemRequest1 CounterpartAS2 SpazioAS2 REQUEST INGOING REJECTED
Bad certificates
CN=AS2 Test Sending Organization - 01 -
[C:\SpazioAs2\CEMCertDir\CemRequest1_0f1f46e3aa110c8c_695c73fb_1473a8559ba_-7ffe.cer]
15 CemRequest1 CounterpartAS2 SpazioAS2 REQUEST INGOING ACCEPTED
CN=AS2 Test Receiving Organization - 01 -
[C:\SpazioAs2\CEMCertDir\CemRequest1_0f1f46e3aa110c8c_695c73fb_1473a8559ba_-7ffd.cer]
-------------------------------------------------------------------------------------
The following example illustrates a sample of CEM detail list with the
command:
AS2CEM LIST -T DETAIL -r RequestId_001 -f SpazioAS2
-t CounterpartAS2
-c %SPAZIO%/cfg/CemList.properties.sample
Note that some parameters are supplied from the command line.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 17
Overview and concepts
AS2CEM DELETE
AS2CemDelete
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
18 EMAFTM091/06
Overview and concepts
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 19
Overview and concepts
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
20 EMAFTM091/06
Chapter 2 Installation
<SpazioAS2>/EncodeTempDir
<SpazioAS2>/ ClientRestartDir
<SpazioAS2>/DecodeTempDir
<SpazioAS2>/IncomingDir
<SpazioAS2>/ServerRestartDir
<SpazioAS2>/CEMCertDir
If the root directory (<SpazioAS2> in this example) is not present (for the
master or the server side) the Spazio AS2 Connector will raise an error at the
first operation executed.
Afterwards you must insert the full path of the root directories created into
the previously mentioned configuration file spxp.as2.properties, under the
items:
AS2Server.Source.[Name].As2Path=
AS2Master.Target.[Name].As2Path=
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 21
Installation
The AS2 protocol can be used for long term flows; this involves the
use of date storage for saving and retrieving the information for the
actual transport (signatures of partner's certificates, status of the
transports, MDNs and MessageIDs, etc.).
Depending on whether you wish to use SPFAB or not, the installation will
follow different paths from this point on.
Embedded RDBMS
To use the Embedded RDBMS, you need to create a new DB before activating
the AS2 connector.
The only difference in the installation of the two Embedded RDBMS usage
modes is where to create the new DB: in the address space managed by
SPFAB or in a separate directory.
In order to use the embedded RDBMS you just need to create a new empty
database into the relevant directory, and then configure the JDBC connection
parameters appropriately.
These parameters are included in the relevant section of the chapter on the
configuration of the protocol.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
22 EMAFTM091/06
Installation
This parameter specifies the start-up mode for the embedded server if it is
started up internally by Spazio. It is in fact possible to use an RDBMS external
to Spazio or delegate Spazio the task of starting the RDBMS server; in the
latter case the parameter DBMS_H2_SERVER_PARAM allows you to define the
parameters with which this embedded server is to be started up.
If there are no applications external to Spazio that use the same H2 embedded
RDBMS, you are advised to delegate the start-up and management of the
RDBMS server to Spazio SPFAB component.
In Database URL you must insert the full path for the creation of the DB,
which will be subsequently used in the settings paragraph.
The name of the DBMS must be as2data.
For the parameter -f SQL file path you need to supply the path of the
file Extended-DB-H2.sql which is located in the Spazio cfg directory.
The command must be run with Spazio stopped, to avoid interfere with the
H2 instance started by SPFAB.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 23
Installation
as2db -u "jdbc:h2:tcp://localhost/C:/as2/h2dbms/as2data"
-d org.h2.Driver
-f %SPAZIO%/cfg/AddCemTable-DB-H2.sql
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
24 EMAFTM091/06
Chapter 3 Configuration Overview
The parameters are the following (appropriately specified for the various
sections):
DBMS_SPFAB Flag to enable/disable the use of SpFab
as the manager of the connection
parameters (default = true).
If it is set to true, all the following
parameters will be ignored.
DBMS_DRIVER JDBC driver used for accessing the
RDBMS
DBMS_URL Parameters for accessing the specific DB
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 25
Configuration Overview
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
26 EMAFTM091/06
Configuration Overview
The received files are stored in the default queue AS2TEST in DemoQm queue
manager.
AS2Server.Source[SERVERFILE].ServerPort=8010
AS2Server.Source[SERVERFILE].ConnectorType=HTTP
AS2Server.Source[SERVERFILE].As2Path=C:/SpazioAS2
AS2Server.Source[SERVERFILE].FileServletPath=/receiver
AS2Server.Source[SERVERFILE].QM=DemoQM
AS2Server.Source[SERVERFILE].Queue=AS2TEST
AS2Server.Source[SERVERFILE].QMUser=
AS2Server.Source[SERVERFILE].QMPassword=
AS2Server.Source[SERVERFILE].QMPasswordEncoded=
AS2Server.Source[SERVERFILE].MoveType=MOVE
AS2Server.Source[SERVERFILE].AsynchMdnBehaviour=DIRECT
AS2Server.Source[SERVERFILE].MdnServletPath=
AS2Server.Source[SERVERFILE].MdnOptions=
AS2Server.Source[SERVERFILE].MdnQueue=
AS2Server.Source[SERVERFILE].MdnMailServer=
AS2Server.Source[SERVERFILE].MdnMailFrom=
AS2Server.Source[SERVERFILE].MdnMailSubject=
AS2Server.Source[SERVERFILE].TRANSPORT_DOMAIN=TestDomain
AS2Server.Source[SERVERFILE].FlexFrom_1=
AS2Server.Source[SERVERFILE].FlexQueue_1=
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 27
Configuration Overview
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
28 EMAFTM091/06
Configuration Overview
NOTE: the DEFAULT section must not be removed from the configuration.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 29
Configuration Overview
Example
A new AS2 Connector push master transport must be defined in order to
connect the queue TO.MYAS2SRV a remote queue defined on queue
manager DemoQM to a remote machine MYAS2SRV2 running an AS2
Server listening on the URL http://remotehost:8010/receiver.
Here is a walkthrough of the necessary configuration steps.
Create the remote queue TO.MYAS2SRV:
qcreate DemoQM TO.MYAS2SRV /qAS2QM /QANYNAME /xTranspClass(AS2)
3.6 Security
The security configuration files used by the AS2 protocol are:
spxp.as2.properties
as2.ini
dstk.ini
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
30 EMAFTM091/06
Configuration Overview
Once the various Master and Source components have been defined in the
spxp.as2.properties file, the steps to configure security for the AS2 protocol
are:
optionally define default parameters in the dstk.ini file
define security rules in the as2.ini file
define the list of Master and Source components in as2.ini and to
associate them to the previously defined security rules.
For details of the various configurations and the meaning of the individual
parameters please refer to section 4.3 - AS2 Security Configuration.
The archived certificates are used by the Spazio AS2 connector in sign and/or
decrypt operations, between the local station and the various partners.
The main key to identify a certificate is the AS2_ID.
AS2ManageCert
AS2ManageCert <certificate file><options>
AS2ManageCert <command><options>
Allowed commands:
LIST List all the Entries in the CEM DB
DETAIL Detail of an entry in the CEM DB ( -i ID )
DELETE Delete an entry in the CEM DB ( -i ID )
UPDATE Update an entry in the CEM DB ( -i ID -s
START_DATE -e END_DATE )
GET Dump an Entry in the CEM DB as if requested from
AS2 Transport (use t,f,k options)
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 31
Configuration Overview
The first basic item of information you need is the AS2 database path.
Its generic format, using the SPFAB support, is formed as follow:
jdbc:h2:tcp:// host[:port]/PathToDatabase
where:
The host is normally the localhost.
The optional :port specification is needed only if the SPFAB H2 port
was not the standard port. This information can be found in the
spfab.system.properties in H2 Database Section (mod-h2.tcpPort).
PathToDatabase is the full path to the as2data.h2.db file.
For a database managed by SPFAB this value is:
$SPAZIO/spdata/spfab/persistent/system/h2/as2data
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
32 EMAFTM091/06
Configuration Overview
The next example shows the command for listing all the certificates in the
database:
AS2CL.bat LIST
-u "jdbc:h2:tcp://localhost/%SPAZIO%/
spdata/spfab/persistent/system/h2/as2data"
Certificate List:
The index between square brackets is the RecordID of the record and is needed
for the detail/update/delete command, with the "-i" flag.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 33
Configuration Overview
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
34 EMAFTM091/06
Chapter 4 Configuration Reference
4.1 Notation
For the sake of clarity, the rest of this book will assume that the default line
names will be adopted for protocol lines. Therefore, spxp.linename.properties
will actually be referred to as: spxp.as2.properties.
AS2Server.Source[DEFAULT].* prefix
This section describes the default common parameters used for setting Spazio
AS2 server side parameters. The following is an example:
AS2Server.Source[DEFAULT].DBMS_DRIVER=org.h2.Driver
AS2Server.Source[DEFAULT].DBMS_URL=
... jdbc:h2:tcp://localhost/C:/AS2dir/h2dbms/test
AS2Server.Source[DEFAULT].DBMS_H2_SERVER_PARAM=
... -tcpAllowOthers trace
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 35
Configuration Reference
AS2Server.Source[ServerName].* prefix
This multiple section describes the various Source instances of the protocol.
Here is an example of setting the values:
AS2Server.Source[SERVERFILE].ServerPort=8010
AS2Server.Source[SERVERFILE].ConnectorType=http
AS2Server.Source[SERVERFILE].As2Path=C:/SpazioAs2
AS2Server.Source[SERVERFILE].LogOptions=Status, Response, Errors
AS2Server.Source[SERVERFILE].FileServletPath=/receiver
AS2Server.Source[SERVERFILE].QM=SPXP
AS2Server.Source[SERVERFILE].Queue=AS2TEST
AS2Server.Source[SERVERFILE].QMUser=
AS2Server.Source[SERVERFILE].QMPassword=
AS2Server.Source[SERVERFILE].MoveType=COPY
AS2Server.Source[SERVERFILE].AsynchMdnBehaviour=DIRECT
AS2Server.Source[SERVERFILE].MdnServletPath=
AS2Server.Source[SERVERFILE].MdnMailServer=smtp.myorg.com
AS2Server.Source[SERVERFILE].MdnMailFrom=SpazioAS2@myorg.com
AS2Server.Source[SERVERFILE].MdnMailSubject= MDN from SpazioAS2
AS2Server.Source[SERVERFILE].TRANSPORT_DOMAIN=TestDomain
AS2Server.Source[SERVERFILE].OriginalFilename=false
AS2Server.Source[SERVERFILE].FlexFrom_1=
AS2Server.Source[SERVERFILE].FlexQueue_1=
AS2Server.Source[SERVERFILE].MdnSaved=
AS2Server.Source[SERVERFILE].MdnQueue=
AS2Server.Source[SERVERFILE].CEMMAIL_PROTOCOL=smtp
AS2Server.Source[SERVERFILE].CEMMAIL_SMTP_HOST_NAME=smtp.myorg.com
AS2Server.Source[SERVERFILE].CEMMAIL_SMTP_HOST_PORT=25
AS2Server.Source[SERVERFILE].CEMMAIL_AUTHENTICATION=true
AS2Server.Source[SERVERFILE].CEMMAIL_SMTP_AUTH_USER=myname
AS2Server.Source[SERVERFILE].CEMMAIL_SMTP_AUTH_PWD=mypassword
AS2Server.Source[SERVERFILE].CEMMAIL_TO=As2Admin@myorg.com
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
36 EMAFTM091/06
Configuration Reference
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 37
Configuration Reference
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
38 EMAFTM091/06
Configuration Reference
In this scenario, files received from the server SERVERFILE with AS2-
FromFromCustXXX are placed in the Spazio queue QUEUE01.
Files received with AS2-FromFromCustYYY are placed in the Spazio queue
QUEUE02.
Files received with any other value in the AS2-From field are placed in the
default Spazio queue AS2TEST.
The fields FlexFrom_x and FlexQueue_x must both be present and filled
in correctly; otherwise the association will be discarded. If not present, only
the default Spazio queue for that server will be used.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 39
Configuration Reference
The <destination> named DEFAULT is special: it contains the values that will
be used at runtime for parameters not specified in user-defined destination
specific sections.
To configure a new destination:
Create a remote queue definition
Create a remote node definition
Create a JXP transport line (if a suitable one is not available)
Create an AS2 transport class (if a suitable one is not available)
Create a new properties section by overriding one or more of the
properties provided in the default one.
The specific section for an AS2 Master Target (AS2QM for example) is shown
below. It must be filled in to detail the specific configuration of the Target, as
long as it differs from DEFAULT one.
AS2Master.Target[AS2QM].Enabled=true
AS2Master.Target[AS2QM].FROM=AS2-From
AS2Master.Target[AS2QM].TO=AS2-To
AS2Master.Target[AS2QM].URL=remote AS2 Server URL
AS2Master.Target[AS2QM].TRANSPORT_DOMAIN=AS2Master
AS2Master.Target[AS2QM].EDITYPE=EDI file type
AS2Master.Target[AS2QM].DBMS_SPFAB=true
AS2Master.Target[AS2QM].SEND_TIMEOUT=send file timeout
AS2Master.Target[AS2QM].MESSAGE_SUBJECT=Subject for eMail
AS2Master.Target[AS2QM].MDN_SYNCHRO=synchronicity type
AS2Master.Target[AS2QM].MDN_TO=email address for SMTP MDN
AS2Master.Target[AS2QM].MDN_OPTIONS=MDN format required
AS2Master.Target[AS2QM].MDN_DELIVERY_URL=URL for MDN
DeliveryAS2Master.Target[AS2QM].SYNC_MDN_QUEUE=Queue Name
AS2Master.Target[AS2QM].SYNC_MDN_QM=QueueManager Name
AS2Master.Target[AS2QM].SYNC_MDN_QMUser=User Name
AS2Master.Target[AS2QM].SYNC_MDN_QMPassword=User Password
AS2Master.Target[AS2QM].SPProxy.Enabled=false
AS2Master.Target[AS2QM].SPProxy.Port=10810
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
40 EMAFTM091/06
Configuration Reference
Description
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 41
Configuration Reference
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
42 EMAFTM091/06
Configuration Reference
The first dstk.ini file is generic for all the aspects of security managed
through the Spazio proprietary DSSP system and all the default values that
the AS2 connector will use unless they are specifically defined are configured
in this file.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 43
Configuration Reference
The as2.ini file is specific for the AS2 connector and allows you to define in
detail the security parameters such as authentication token, keys and signing
certificates, encryption and compression protocols, and so on, for each Master
or Source instance.
This definition starts from the creation of two lists of Master ([CONNECT])
and Server ([ACCEPT]) components, in which a set of applicable security
rules is associated to each instance.
Then the parameters for the various security rules used in these lists are
configured.
This is followed by a series of steps necessary for loading the certificates and
tokens used by DSSP to perform authentication, encryption, signature and
any other security related operations.
dstk.ini configuration
This generic DSSP file contains a section for the general default parameters of
the AS2 protocol, values that will be used unless they have been redefined in
as2.ini:
[AS2]
; CryptoSystem to use for AS2 Security.
; Allowed values : JKS, PKCS12
CryptoSystem
as2.ini configuration
; ===================================================
; The following section contains rows that associate
; Servers to a custom set of rules.
; ===================================================
[ACCEPT]
; The following section contains rows that associate
; Servers to a custom set of rules.
; AS2 Servers are identified by a <name> that is
; the name of a server stanza in spxp.as2.properties
; ===================================================
; Following section contains rows that associate target
; Servers to a custom set of rules.
; ===================================================
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
44 EMAFTM091/06
Configuration Reference
[CONNECT]
; Target AS2 Server are identified by <name>, that is the name
; of a master stanza in spxp.as2.properties
; ===================================================
; The following section name is defined in the
; CONNECT section and is associated to a target server.
; It allows you to override client Token, and other
; default configuration for all clients connecting to
; target AS2 server.
; ===================================================
[ProtocolName]
; CryptoSystem to use for AS2 Security.
; Allowed values : JKS, PKCS12
;
; DEFAULT: &AS2.CryptoSystem&
CryptoSystem=
; KeyID: Signer's identifier within Token, key alias of the signing private key
;
; OPTIONAL, if Token contains a single private key/cert.
; Need to use the "Nome Alias" as reported from
; "c:\java\jdk1.6\bin\keytool -list -keystore ./as2sender.pfx -storetype pkcs12 -v"
; command
KeyID=
; ===================================================
; The following section name is defined in the
; ACCEPT section and is associated to a target server.
; It allows you to override server Token, and related
; token parameters
; ===================================================
[ProtocolName]
; CryptoSystem to use for AS2 Security.
; Allowed values : JKS, PKCS12
;
; DEFAULT: &AS2.CryptoSystem&
CryptoSystem=
; KeyID: Signer's identifier within Token, key alias of the signing private key
;
; DEFAULT: &AS2.KeyID&
; Need to use the "Nome Alias" as reported from
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 45
Configuration Reference
To view the data of the keystore as2sender.pfx you can use the keytool
command:
%SPAZIO%\bin\jre\bin\keytool -list -keystore
C:\SpazioAS2\CERT\as2sender.pfx -storetype pkcs12 v
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
46 EMAFTM091/06
Configuration Reference
Make sure that you insert the full path of the certificate and the correct user.
If the certificate is not inserted correctly, the error is reported in the AS2
traces (spxp.as2.trace) with the following message:
##################### ERROR ######################
Digital signature certificate error :
.... StackTrace details ....
##################### ERROR ######################
To check the content of the database you can use the command:
dbputil l
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
EMAFTM091/06 47
Configuration Reference
If the user chooses to use the embedded RDBMS server without passing via
SPFAB, the following values must be assigned:
(spxp.as2.properties section).DBMS_SPFAB=false
(spxp.as2.properties section).DBMS_DRIVER=org.h2.Driver
(spxp.as2.properties section).DBMS_URL=jdbc:h2:tcp://localhost/C:
.. /as2/h2dbms/test;IFEXISTS=TRUE
(spxp.as2.properties section).DBMS_H2_SERVER_PARAM=-tcpAllowOthers
Where:
org.h2.Driver is the name of the standard H2 Driver
jdbc:h2:tcp specifies a TCP connection to the H2 server
//localhost/C:/as2/h2dbms/test;
specifies test as the name of the DB used, in
this case located on localhost (i.e. the same
machine on which Spazio is running) in the
folder C:/as2/h2dbms/ (obviously in a Windows
environment).
IFEXISTS=TRUE specifies that the DB is to be accessed only if
already exists and without recreating it if it
doesn't.
SPAZIO MFT/S AS2 Connector for Distributed Platforms: Installation and Configuration Guide
48 EMAFTM091/06