Updating an AS2 Station

Stations added on MFT Gateway can be updated/modified later to change various configurations such as the name, AS2 identifier, certificates, etc.

To update a station, open the stations view using the Stations icon on the left navigation menu, and locate the station entity to be updated. Then click the Manage Station Details ” button on that station card to open the station management view.” button on that station card to open the station management view.

Station entry

For reference, the creation and last-update timestamps of the station are recorded and shown in the footer area of the management view.

1 Updating basic information of a Station

Basic information such as Name and Email are generally safe to be changed, and can be modified directly.

Manage Station view

1.1 Updating the AS2 identifier

If it is required to change the AS2 Identifier, click on the Edit button (pencil icon) next to the “AS2 Identifier” label. A warning popup message will appear with an explanation of the risks associated with changing the AS2 identifier of a working AS2 connection. If those risks are acceptable, check the “Read and understood terms” check box and click the Continue button. That will make the AS2 Identifier field editable.

Make sure that your partners also change your AS2 ID on their ends synchronously, ideally within a safety/maintenance window.

Changing the station AS2 identifier on a working AS2 connection, is not recommended; it will:

  • Detach any existing inbox/sent messages from this station.
  • Affect any existing messages from this station, that are currently in your outbox/failed lists.
  • Cause inconsistencies in existing message counts and statistics.
  • Cause any ongoing message traffic to fail or be rejected, until your partners also change your AS2 ID on their ends.
  • Break any existing integrations; e.g. REST API message submissions, SFTP folder structures (if enabled), EDIG workflow.

The option to update the AS2 identifier of the station is not supported through REST APIs.

2 Change Station Certificate

There can be situations where the key pair of a station (station certificate) has to be updated/changed, such as:

  • an incorrect key pair was generated or assigned at the station creation by mistake
  • certificate of currently assigned key pair has expired, or is expiring in the near future

2.1 Change the Station certificate immediately

To update the station certificate immediately:

  1. Click the Edit Station Certificate icon next to the current certificate.
  2. In the dropdown menu, select a keypair from the certificate store.
  3. You can also:
    • Refresh the list of available certificates.
    • View details of the selected certificate.
    • Add a new keypair using the plus (+) button.
    • Cancel the certificate update using the cancel (x) button.

Change Station Certificate

The updated certificate will get applied immediately; so, for a live AS2 connection, it is always recommended to perform this activity during a maintenance window - collectively agreed among all trading partners that are communicating through the station.

You must share only the public certificate exposed on the partner-config view of the station, with your partners; never share the private key with anyone, even if you manage to export it.

2.2 Scheduling a Station certificate

To schedule a certificate update:

  1. Enable the Schedule Backup Certificate toggle.
  2. Use the dropdown menu to select an existing key pair from your certificate store.
  3. Next, configure the Activate on field to specify the exact date and time for the certificate to take effect. Please note that the time must be set in UTC.

Schedule Station Certificate

Once scheduled, MFT Gateway will automatically switch the station certificate of this station to the new certificate at the specified date and time without any manual intervention. Until that date and time, the current station certificate will be in use.

3 Change or Add a TLS/SSL Certificate

If a TLS/SSL certificate is already configured for the station:

  1. Click the Edit TLS/SSL Certificate icon next to the current certificate.
  2. Select a new key pair from the dropdown menu, similar to how you would change the station certificate.

Change TLS/SSL Certificate

If no TLS/SSL certificate has been configured yet:

Refer to Section 2.2.2 – TLS/SSL Certificate in the Create Station Guide for step-by-step instructions on setting it up.

4 Email Notifications

Same configuration options as in Section 2.3 – Email Notifications.

5 Transmissions

Same configuration options as in Section 2.4 – Transmissions.

6 Advanced Options

Same configuration options as in Section 2.5 – Advanced Options.