Posted over 10 years ago
In reply to Inbound AS2 - Reload Failed Data
Neil,
This looks like a fallback to FTP. In AS2 the data is transmitted in transactions - if the transaction failed your partner is informed about this by the MDN. Mainly they will contact you or resend the data in new transactions.
If you -somehow- decrypt the received but not processed data (transaction error) to process it, it might happen that the data will be received again later, which might cause problems in your backend system or your processing chain.
Regards
|
Posted over 10 years ago
In reply to Mendelson AS2 SHA-2 2048 bit support
Leon1984,
Your version is from 09/2013.
The SHA-2 support for signing data has been released first in the community version in b45 (02/2014) - anyway the current version is b47 (01/2015). Please update.
Regards
|
Posted over 10 years ago
In reply to Leon1984,
Hello,
Version: mendelson opensource AS2 1.1 build 43
Regards,
Szabolcs
|
Posted over 10 years ago
In reply to Mendelson AS2 SHA-2 2048 bit support
Leon1984,
which version of the mendelson AS2 are you running? Please remember that the SHA-2 support has been added in mid 2013 to the AS2 standard - older versions will not support this.
Regards
|
Posted over 10 years ago
In reply to Hello,
Hello,
The AS2 settings Partner/Security/Digital signature shows only SHA1 but SHA2 would be required too.
Can you help me? Why can I not select SHA2 for the digital signature?
Thank you for your help.
Response from Partner:
AS2 log:
The AS2 message mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2 from PARTNER to PARTNER2 with subject "AS2 message" has not been completed with a state OK.
Transaction log:
[Jan 8, 2015 9:50:07 AM] mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2: Outgoing message signed with the algorithm SHA-1,using keystore alias "PARTNER3".
[Jan 8, 2015 9:50:07 AM] mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2: Outgoing message encrypted with the algorithm 3DES, using keystore alias "PARTNER2_sha2_2048".
[Jan 8, 2015 9:50:07 AM] mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2: Outbound AS2 message created from "PARTNER_ORDERS_3134736.edi" for the receiver "PARTNER2" in 28ms, raw message size: 3.48 KB
[Jan 8, 2015 9:50:07 AM] mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2: The file "PARTNER_ORDERS_3134736.edi" has been deleted and enqueued into the processing message queue of the server.
[Jan 8, 2015 9:50:07 AM] mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2: Sending AS2 message to http://Vanconnect.PARTNER2.com:5080/, sync MDN requested.
[Jan 8, 2015 9:50:10 AM] mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2: Message sent successfully (HTTP 200); 3.48 KB transfered in 2.69s [1.29 KB/s].
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: Incoming transmission is a MDN.
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: MDN state is [processed].
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: Details of MDN received from remote AS2 server: The message sent to
on Thu, 08 Jan 2015 09:50:07 CET with Subject has been received,
the payload was successfully decrypted and its integrity was verified.
In addition, the sender of the message, was authenticated
as the originator of the message.
There is no guarantee however that the payload was syntactically
correct, or was received by any applicable back-end processes.
Date: Thu, 08 Jan 2015 09:50:07 CET
Date-Local: 2015-01-08T03:50:07Z-05:00
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: MDN is the answer to AS2 message "mendelson_opensource_AS2-1420707007390-95@PARTNERAS2_ICCNET_AS2".
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: MDN is signed.
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: Using certificate "PARTNER2_sha2_2048" to verify signature.
[Jan 8, 2015 9:50:10 AM] CLEO-20150108_085010125-85B15Q@PARTNERAS2_ICCNET_AS2.VANVLT04-V: Verification of digital signature failed Verification failed
|
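The transaction log in the post above can be checked mechanically. The following is an added example, not part of the original post or of mendelson AS2: it parses lines of that format, joins each MDN to the message it answers, and reports SHA-1 signing and an MDN whose signature failed verification. The sample lines, the shortened ids and aliases, and the `weak_sign_algs` parameter are constructed for the example.

```python
import re

# Constructed excerpt in the format of the transaction log above; message ids
# and keystore aliases are shortened placeholders.
SAMPLE_LOG = """\
[Jan 8, 2015 9:50:07 AM] msg-1@LOCAL: Outgoing message signed with the algorithm SHA-1,using keystore alias "KEY_A".
[Jan 8, 2015 9:50:07 AM] msg-1@LOCAL: Outgoing message encrypted with the algorithm 3DES, using keystore alias "KEY_B".
[Jan 8, 2015 9:50:10 AM] mdn-1@REMOTE: MDN state is [processed].
[Jan 8, 2015 9:50:10 AM] mdn-1@REMOTE: Details of MDN received from remote AS2 server: The message sent to
the payload was successfully decrypted and its integrity was verified.
[Jan 8, 2015 9:50:10 AM] mdn-1@REMOTE: MDN is the answer to AS2 message "msg-1@LOCAL".
[Jan 8, 2015 9:50:10 AM] mdn-1@REMOTE: Verification of digital signature failed Verification failed
"""

LINE = re.compile(r"^\[[^\]]+\] (?P<id>\S+): (?P<text>.*)$")
PATTERNS = {
    "sign_alg": re.compile(r"signed with the algorithm ([\w-]+)"),
    "enc_alg": re.compile(r"encrypted with the algorithm ([\w-]+)"),
    "mdn_state": re.compile(r"MDN state is \[(\w+)\]"),
    "answers": re.compile(r'MDN is the answer to AS2 message "([^"]+)"'),
}

def audit_transactions(log_text, weak_sign_algs=("SHA-1",)):
    """Join each MDN to the message it answers and list what needs attention."""
    facts = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:  # continuation line of a multi-line MDN text
            continue
        entry = facts.setdefault(m["id"], {})
        for key, pattern in PATTERNS.items():
            if (hit := pattern.search(m["text"])):
                entry[key] = hit[1]
        if "Verification of digital signature failed" in m["text"]:
            entry["mdn_signature_ok"] = False
    # Fold the MDN's facts into the outbound message it refers to.
    for mdn in [f for f in facts.values() if "answers" in f]:
        facts.setdefault(mdn["answers"], {}).update(mdn)
    report = {}
    for msg_id, f in facts.items():
        if "sign_alg" not in f:
            continue  # only outbound messages are reported
        findings = []
        if f["sign_alg"] in weak_sign_algs:
            findings.append(f"signed with {f['sign_alg']}")
        if f.get("mdn_state") == "processed" and f.get("mdn_signature_ok") is False:
            findings.append("MDN says processed but its signature did not verify")
        report[msg_id] = {"sign_alg": f["sign_alg"], "enc_alg": f.get("enc_alg"), "findings": findings}
    return report
```
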
Posted over 10 years ago
In reply to Inbound AS2 - Reload Failed Data
Just a guess, but if you have actually received the files but just cannot extract the data because of the certificate issue, temporarily reinstall the older cert and then copy the files to the appropriate "inbox".
|
Posted over 10 years ago
Please see the attached screenshot from our trading partner (Delhaize). It is the web interface for their AS2 software.
Please look at the second line item. It shows a 997 that Delhaize sent to us (ACS). The X12 document type (997) appears in the third column, and the ISA Interchange Control Number (000000399) in the last column (Document ID).
Delhaize has requested that ACS should populate these fields when we send EDI data to them. Is that possible using Mendelson AS2? I can easily extract the applicable elements from the outbound data file, but where should I put them for the benefit of Delhaize's software?
Forum: AS2
Attachment: delhze.png (101.36 KB)
|
Posted over 10 years ago
In reply to Thanks for the reply, other
Solved:
When I searched for the answer here in the forum, I found:
jdbc:hsqldb:hsql://localhost:3333/as2db_config
jdbc:hsqldb:hsql://localhost:3333/as2db_runtime
But in the new versions, the database alias changed:
as2db_config to config
as2db_runtime to runtime
Now I'm surfing inside the databases config and runtime.
jdbc:hsqldb:hsql://IP-SERVER:3333/config
jdbc:hsqldb:hsql://IP-SERVER:3333/runtime
Greetings,
Pablo
|
Posted over 10 years ago
In reply to Ariba
This is the base64 part
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAMYICUTCCAk0C
AQEwgcowgbUxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMW
I can decode it, so it -seems- to be valid.
|
Posted over 10 years ago
Hi all,
a new version of the community version of the mendelson AS2 software has been released.
You could download your version at http://as2.mendelson-e-c.com
Enhancement:
------------------
*It's possible to clone an existing partner in the partner management now
*You could create a communication data sheet (editable PDF) now in the user interface. The PDF contains all settings of your selected local station and requests the settings of your partners system. The PDF contains the required certificates as attachment. Just send it to your partner to ask him for his communication parameters and deliver yours. Please remember that the standard MAC OS PDF reader does not support PDF attachments. Please install another PDF reader if you are using this OS.
*The partner panel contains additional fields for the partner address and partner contact now, this is written to the communication data sheet if created
*You could manually resend more than a single transaction now (this will create new transactions). Please select multiple transactions in the transaction overview. Right mouse on it opens the related context menu.
*The private key generator found in the certificate manager supports SHA256WITHRSA now. This allows to sign your certificates using SHA-2 as some providers are moving away from SHA-1. Please remember that there might be AS2 programs out that cannot work with these certificates - please clarify this first before signing your certificates with SHA-2.
Changes:
------------------
*Removed all RMI code (which was slow) - the communication between the receipt servlet and the AS2 processing unit is based on apache MINA now. This results in higher processing message throughput and port 1099 is no longer used by the AS2 server.
*The directory "_rawincoming" is managed by the system maintenance process now - it will delete old messages there. If you setup the system maintenance process (which is recommended) it will take care of the old files in this directory.
*The underlying HTTP server (jetty v6) has been replaced by jetty v9. The reason is that it is possible now to disable transport layer security protocols (e.g. SSLv3) and weak ciphers/hash algorithms. If you are updating from a mendelson AS2 with underlying jetty v6 there are some manual changes required - please refer to update_howto.txt which is part of the package. SSLv3 and some weak ciphers are disabled now by default. Please edit the file jetty9/etc/jetty.xml to change these defaults or to add other weak ciphers which should be no longer supported by your AS2 instance. The new jetty instance will be found in the directory "jetty9" after an update/clean install. But as always: Please do not rely on the transport security only, always encrypt and sign your data!
To disable ciphers please add them to the "ExcludeCipherSuites" section in jetty9/etc/jetty.xml:
SSL_RSA_WITH_DES_CBC_SHA
To disable SSL protocols add them to the "excludeProtocols" section in jetty9/etc/jetty.xml:
SSLv3
*The Java VM's DNS caching has been set to 60s (Windows installer only). This is a setting done in the file jre/lib/security/java.security. Please set it manually if required and you are on a non-Windows system, add the line
networkaddress.cache.ttl=60
In older versions this was set in the program code but it turned out that this was useless as these settings are read once on JVM start and setting them later in the program code has no effect at all.
Fixes:
-----------
*If a certificate had been exported to p7b format it contained the end certificate only - without the trust chain certificates
*There were problems if the certificate was not in PEM but additional BASE64 encoded if you tried to import it. This is very uncommon - we encountered this only once.
*Importing certificates in p7b format now imports the full trust chain and the end certificate. In older versions just the end certificate was imported.
*If the send partner was unknown the system always sent a sync MDN with the error message "unknown partner" - even if the sender requested an async MDN
*The certificates have not been sorted properly by their date in the display of the certificate manager.
*The sent MDN was always signed - even if the partner requested an unsigned MDN
*A SQL injection was possible in the message delete procedure - that was also the reason that some transactions could not be deleted by the system.
Updates:
-----------
*Update to BC 1.51 (crypto API, see https://www.bouncycastle.org/)
*Update HTTP components to 4.3.5 (see http://hc.apache.org/)
*Update servlet API to 3.1 (comes with the new jetty v9 webserver)
*Updated jetty to v9 (underlying HTTP server, see http://download.eclipse.org/jetty/)
*Update to Apache MINA 2.09 (client-server interface, see https://mina.apache.org/)
Hint:
The mendelson opensource AS2 will run fine with Java 64 bit VMs. If you have problems with the memory consumption please install a 64 bit java VM (not included), patch the VM with the "jurisdiction policy strength files" (Oracle download) and set the main memory of the JVM to 4 GB.
Please have a look at the included file "upgrade_howto.txt", it explains how to upgrade from an older version of mendelson opensource AS2.
---
Thank you all for your feedback and your help
Your mendelson dev team
Forum: AS2
|
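One way to check that the exclusions described in the release notes above are actually present in a jetty.xml, as an added example that is not code from the mendelson project: the script reads the "ExcludeCipherSuites" and "excludeProtocols" sections and reports what a policy bans but the file does not exclude. The XML fragment, the policy lists and the function names are constructed for the example, and treating cipher entries as regular expressions is an assumption.

```python
import re
import xml.etree.ElementTree as ET

# Constructed jetty.xml fragment; only the two section names and the values
# SSL_RSA_WITH_DES_CBC_SHA / SSLv3 come from the release notes.
SAMPLE_JETTY_XML = """\
<Configure id="Server" class="org.eclipse.jetty.server.Server">
  <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
    <Set name="ExcludeCipherSuites">
      <Array type="java.lang.String">
        <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
        <Item>.*_EXPORT_.*</Item>
      </Array>
    </Set>
    <Set name="excludeProtocols">
      <Array type="java.lang.String">
        <Item>SSLv2Hello</Item>
      </Array>
    </Set>
  </New>
</Configure>
"""

def excluded_items(root, section):
    """Return the <Item> values of every <Set name=section>, ignoring name case."""
    items = set()
    for node in root.iter("Set"):
        if (node.get("name") or "").lower() == section.lower():
            items.update((i.text or "").strip() for i in node.iter("Item"))
    items.discard("")
    return items

def is_excluded(name, patterns):
    # Assumption: an entry may be a regular expression as well as a plain
    # suite name; a plain name matches itself.
    return any(re.fullmatch(p, name) for p in patterns)

def audit_jetty_tls(xml_text, must_exclude_protocols, must_exclude_ciphers):
    """List what the policy bans but the configuration does not exclude."""
    root = ET.fromstring(xml_text)
    protocols = excluded_items(root, "excludeProtocols")
    ciphers = excluded_items(root, "excludeCipherSuites")
    return {
        "protocols": sorted(p for p in must_exclude_protocols if p not in protocols),
        "ciphers": sorted(c for c in must_exclude_ciphers if not is_excluded(c, ciphers)),
    }

# Hypothetical policy for the example: ban SSLv3 and three weak suites.
POLICY_PROTOCOLS = ["SSLv3"]
POLICY_CIPHERS = ["SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
                  "SSL_RSA_WITH_RC4_128_MD5"]
```

An empty list under both keys means every banned protocol and suite is excluded; the check covers only what the file declares, not what the running JVM finally negotiates.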