Quick Start for AS2 Client
Messages can be securely transmitted to trading partners using AS2 (Applicability Statement 2) by using the AS2 Server Resource and AS2 Task in Projects. Follow the quick start guide below to set up new trading partners and processes to send AS2 messages using certificates managed from the Key Management System (KMS). If you would like to receive AS2 messages, please refer to the Quick Start for AS2 Service guide.
In-depth Guide for AS2 Client Setup:
https://www.goanywhere.com/managed-file ... 2-messages
Contact each of the trading partners with whom you will send AS2 messages:
- Obtain the URL of their AS2 server. If the URL begins with HTTPS and the server certificate used by the AS2 server is not signed by a trusted certificate authority, you will need to obtain and import their server certificate.
- Obtain their AS2 ID for their server.
- Provide them with your AS2 ID. Your ID is an arbitrary name that the receiving server will use to validate your identity.
- If you plan to encrypt the messages you send to your trading partners, obtain and import their public certificate.
- If you plan to sign your messages, provide the trading partner with your public certificate that matches the private key used to sign messages. If you do not have a private key, follow the steps outlined in the Create a Certificate section to create a private key and its associated public certificate.
Import the Trading Partner's Public Certificate(s)
Complete these steps if you plan to encrypt the message or use an HTTPS connection.
- 1. Log in to GoAnywhere as an Admin User with the Key Manager role.
- 2. From the main menu, select the Encryption menu and then click the Key Management System link.
- 3. Click the Action icon next to the desired Key Vault and select Manage Certificates.
- 4. Click Import from the toolbar.
- 5. Browse for the location where the trading partner's public certificate was saved.
- 6. Specify the File Format for the certificate.
- 7. Specify a Name to identify the certificate. Note the name, as it will be used later.
Define the AS2 Server Resource
- Log in to GoAnywhere as an Admin User with the Resource Manager role.
- On the main menu, click Resources.
- In the Resources page, click the AS2 Server link in the Resource Type panel, and then in the page toolbar, click Add AS2 Server.
- Specify the parameters and the credentials for the AS2 server obtained in the Initial Planning section above.
URL - This is the URL to the AS2 service provided to you by your trading partner.
AS2 From ID - This is your arbitrary AS2 ID that you provided to your trading partner.
AS2 To ID - This is your partner's AS2 ID they provided to you.
- Specify the optional AS2 security settings below:
When sending a message to a trading partner it is highly recommended and sometimes required to encrypt the contents of a message. To add encryption, follow the steps below:
- 1. On the AS2 Resource Advanced tab, set the Message Encryption - Encrypt Messages option to Yes.
- 2. Select the trading partner's public certificate in the Message Encryption - Key Name field.
To ensure the integrity of messages, digital signatures can be added to an AS2 message allowing the recipient to verify who you are and that the contents of the message were not tampered with. To add a digital signature to a message, follow the steps below:
- 1. On the AS2 Resource Advanced tab, set the Sign Messages option to Yes.
- 2. Specify your private key in the Message Signature - Key Name field. In order for your trading partner to verify your signature, you will need to export and send them the public certificate associated with this private key.
Compressing messages reduces the message size and can improve transmission time. To add compression, follow the steps below:
- 1. On the AS2 Resource Message tab, set the Message Options - Compress Messages option to Yes.
Define the AS2 Task
- 1. Log in to GoAnywhere as an Admin User with the Project Designer role.
- 2. On the main menu bar, select Workflows > Projects and then select the folder for the new Project.
- 3. In the page toolbar, click Create a Project, specify a Project Name, and then click Save.
- 4. From within the Project Designer page, expand the File Transfer folder in the Component Library, and then drag the AS2 task to the Project Outline.
- 5. Within the AS2 Task page:
Select the AS2 Server resource created above from the drop-down list.
Type the path and file name of the Source File or click the Browse icon to browse for the file. A File Set can also be defined to send multiple files in one message.
Optionally specify the Content Type, Subject, and Receipt options for this message.
When complete, click the Save button. The Project is ready to execute.
Processing MDN Receipts
The AS2 Task provides the option of receiving delivery confirmation in the form of a receipt. If a receipt is desired, use the Request Receipt option on the Receipt panel to select signed or unsigned receipts. Receipts that are signed ensure authenticity. Signed messages and receipts are considered a Non-Repudiation of Receipt (NRR), which is a “legal event” indicating that both parties’ identities and the message’s integrity are valid.
When using receipts, an AS2 Task Output variable can be defined and used elsewhere in the Project to control how other tasks function based on the receipt message or status. If a receipt is requested, the following Receipt Destinations (or types) are available:
Synchronous Receipt Types
In a synchronous scenario, the connection remains open between GoAnywhere and the AS2 server until a receipt is received or a timeout occurs. The following options request synchronous receipts:
- Job log - The receipt will be saved to the Project's Job Log.
- File - The receipt will be written to a specified file.
- Discard - The receipt will be processed and verified, but not stored.
Asynchronous Receipt Type
In an asynchronous scenario, the connection closes immediately after the transmission is complete. When the AS2 server is finished processing the message, the server will open a new connection and send the receipt. The following options request asynchronous receipts:
- Email - The receipt is sent to the specified email address. Email receipts may be delayed and may not be supported by the trading partner's AS2 server.
- URL - The receipt will be sent to the specified URL.
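The receipt checks described above can also be run outside the Project, for example over a receipt saved with the File option. The following is an added example, not GoAnywhere code: it parses an MDN and accepts it only when the disposition is a clean "processed" and the returned MIC matches a hash of what was sent. It assumes the saved file holds the raw MDN in the RFC 4130 layout and that the MIC covers exactly the bytes passed in; the sample message, IDs and the check_mdn name are constructed, and the S/MIME signature on a signed receipt is not verified here.

```python
import base64
import hashlib
import hmac
from email import message_from_bytes, message_from_string

# Constructed sample: the content we sent and the MDN a partner might return.
SENT = b"ISA*00*constructed-sample-payload~\r\n"
_MIC = base64.b64encode(hashlib.sha256(SENT).digest()).decode()
SAMPLE_MDN = (
    "Content-Type: multipart/report; report-type=disposition-notification;"
    ' boundary="b1"\r\n'
    "AS2-From: PARTNER_ID\r\nAS2-To: MY_ID\r\n\r\n"
    "--b1\r\nContent-Type: text/plain\r\n\r\nMessage received.\r\n"
    "--b1\r\nContent-Type: message/disposition-notification\r\n\r\n"
    "Original-Message-ID: <constructed-1@example.invalid>\r\n"
    "Disposition: automatic-action/MDN-sent-automatically; processed\r\n"
    f"Received-Content-MIC: {_MIC}, sha256\r\n"
    "\r\n--b1--\r\n"
).encode()


def check_mdn(raw_mdn: bytes, sent_content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for a raw MDN against the bytes we sent."""
    fields = None
    for part in message_from_bytes(raw_mdn).walk():
        if part.get_content_type() == "message/disposition-notification":
            body = part.get_payload()
            # The stdlib parser exposes the MDN fields as a nested message.
            fields = body[0] if isinstance(body, list) else message_from_string(body)
            break
    if fields is None:
        return False, "no disposition-notification part"
    # "mode; type[/modifier: detail]": only a bare "processed" is a clean receipt.
    disposition = (fields.get("Disposition") or "").partition(";")[2].strip().lower()
    if disposition != "processed":
        return False, f"disposition: {disposition or 'missing'}"
    mic, _, alg = (fields.get("Received-Content-MIC") or "").partition(",")
    alg = alg.strip().lower().replace("-", "")
    if alg not in ("sha1", "sha256", "sha384", "sha512", "md5"):
        return False, f"unsupported MIC algorithm: {alg or 'missing'}"
    expected = base64.b64encode(hashlib.new(alg, sent_content).digest())
    if not hmac.compare_digest(expected, mic.strip().encode()):
        return False, "MIC mismatch: partner hashed different content"
    return True, "processed, MIC matches"
```

A receipt that carries an error or warning modifier, or no MIC at all, is rejected rather than treated as delivered.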