Creating an AS2 Station

Watch video ▶️

1 What is an AS2 Station

An AS2 ‘Station’ defines an identity for your Organization to communicate over the AS2 protocol. An AS2 Station will have a unique AS2 ID, URL, and a certificate used for encryption and digital signatures. While most organizations would be using just one AS2 Station, some advanced users may prefer to use two or more stations. Some large organizations may decide to create two stations to use one for testing, and the other for production use.

2 Creating an AS2 Station

An AS2 Station is analogous to an email address. A significant aspect is the ‘AS2 ID’, which is a unique identifier you would choose to identify your AS2 identity. If your company name is Acme Trading, you may choose ‘ACME_PROD’ as an example of your AS2 identifier. You will receive messages from your Partners destined to a specific AS2 ID, and if you have more than one Station, the messages will show to which Stations they have been received. Similarly, when sending out messages, you can choose the outgoing Station to be used, if you have more than one Station created for your Organization.

To create a new Station, navigate to the Stations page from the navigation menu. Then click on the ‘New Station’ button.

Empty Station list view

2.1 Basic information for the Station

To add the trading station:

  1. Specify a name for the trading station. This is solely used for labeling the station within MFT Gateway with a user-friendly name. This name will not be used in AS2 message communication. So specify a descriptive name such as ‘Acme AS2 Production’. For any reason, if you decide to use some external identifier, say ‘08111999US00,” as your AS2 ID (specified next), this ‘name’ will be easier to relate to.

  2. Specify an AS2 identifier. This is the identifier used to identify the MFT Gateway station, analogous to an email address, and used within AS2 message communication. This has to be unique among a set of agreed-upon partners and also within the MFT Gateway service (which the Gateway will ensure at creation time).

    Note: Its length should be between 1 and 128 characters (inclusive).

  3. Specify an email address for the station. It will be used in From header of sent messages (not AS2-From - which is the AS2 identifier). It will also be used to send email notifications to you regarding the station, such as incoming messages, message send failures, incomplete messages, and enabling email notifications for MDN-related issues.

Create station view

2.2 Certificate configuration

Next, configure the certificate details for your Station.

You must first import the key-pair from the Certificates view before creating a Station. Once imported, you can select the required key-pair from the dropdowns in this view.

2.2.1 Station Certificate

Select the key-pair to be used as your Station Certificate from the dropdown list. This certificate is required for AS2 message signing and decryption.

  • Reload icon (🔄): Refreshes the list of station key-pairs available in your certificate store.
  • Add icon (➕): Navigates to the Certificates page, allowing you to import a new key-pair. Once imported, it will appear in the dropdown list after refreshing.

Note: AS2 certificates do not need to be signed by a third-party Certification Authority (CA). Most organizations use self-signed certificates, which incur no additional cost. However, you can use CA-signed certificates if required by your partners.

2.2.2 TLS/SSL Certificate (Optional)

If you wish to enable TLS/SSL communication for AS2 transfers from this station, toggle on the “Enable TLS/SSL Certificate”. Once enabled, the TLS/SSL Certificate dropdown will appear, allowing you to select a certificate.

  • Reload icon (🔄): Refreshes the available key-pair list in your certificate store.
  • Add icon (➕): Opens the Certificates page, where you can import a new key-pair for use as the TLS/SSL certificate.

Tip: TLS/SSL is optional. Enable and configure this only if your trading partner requires two-way SSL communication.

Certificate details on create station view

Once the certificate configuration is complete, go ahead and submit the form by clicking on the Create button.

You can skip the sections below during the standard set-up.

2.3 Email Notifications

Configure email notifications to stay informed about key AS2 message activities and issues by selecting the events for which you wish to receive alerts:

  • Incoming Messages – receipt of each AS2 message to this station.
  • Outgoing Messages – successful sending of each AS2 message from this station.
  • Message Send Failures – sending failures; e.g. where a partner endpoint has been unavailable to accept a queued message and all automatic retries have failed
  • Incomplete Messages – When a message has failed sending and the encountered error is not safe to be retried.
  • Enable Email Notifications for MDN related issues – MDN related issues; e.g. receipt/issuing of negative MDNs, integrity (MIC) mismatches, failure to send back an async MDN

2.4 Transmissions

  • Enable Static IP and Large Payload Support For Incoming Messages: Choose if you want to receive messages through a static IP address (e.g. if the partner system requires a specific IP address to be whitelisted for outbound traffic from their end), and/or you want to receive messages larger than 3 MB in size (not supported on the ‘default’ receiver endpoint). These are optional, value-added services that would require a business or enterprise-level subscription to retain after your free trial ends.

2.5 Advanced Options

  • Description: Write/maintain any notes regarding the station
  • Set as Default Station: If enabled, when composing a new message, system will automatically pre-select this station as the sender identity. If another station was previously set as default, enabling this will replace the older default.

Advance configurations on create station view

3 AS2 Station Listing

Once you add the station, you will be directed to the AS2 station listing page, from which you can view the partner configuration of the station just created.

station list view

You can delete a station by clicking the delete icon in the top right corner of the station card. The actions icons at the bottom allows you to

  • manage station details/settings,
  • go to the partner view/configuration of the station, and
  • navigate to the Received, Sent, Queued, Failed and Incomplete messages for the station.

3.1 Partner Configuration of an AS2 Station

Click on the ‘View Partner Configuration’ button from the action panel of the trading station card. This shows you the configuration that you need to share with your partners.

partner configuration view

If a HTTPS URL is available, you can export the corresponding root TLS/HTTPS certificate in a desired format (PEM or CER).

Under Download Certificate button in Partner Certificate section, you can export your own AS2 certificate in a preferred format.

You can also use the Share Partner Configuration option to quickly share the full configuration with your partner via email:

  • AS2 ID of the station
  • URL to reach/transmit to the station
  • an IP address to whitelist, if applicable (for above URL)
  • station (AS2/S-MIME) certificates as a zip file attachment
  • You can use the Note area to include any additional notes/comments to be included in the email.

AS2 Station: Share Partner Configuration

Now that we have created a trading station, the next step would be to add a partner so that we can start communicating.