Creating an AS2 Station
1 What is an AS2 Station
An AS2 ‘Station’ defines an identity for your Organization to communicate over the AS2 protocol. An AS2 Station will have a unique AS2 ID, URL, and a certificate used for encryption and digital signatures. While most organizations would be using just one AS2 Station, some advanced users may prefer to use two or more stations. Some large organizations may decide to create two stations to use one for testing, and the other for production use.
2 Creating an AS2 Station
An AS2 Station is analogous to an email address. A significant aspect is the ‘AS2 ID’, which is a unique identifier you choose to identify your AS2 identity. If your company name is Acme Trading, you may choose ‘ACME_PROD’ as an example of your AS2 identifier. You will receive messages from your Partners destined to a specific AS2 ID, and if you have more than one Station, each message will show which Station received it. Similarly, when sending out messages, you can choose the outgoing Station to be used, if you have more than one Station created for your Organization.
To create a new Station, navigate to the Stations page from the navigation menu. Then click on the ‘New Station’ button.
2.1 Basic information for the Station
To add the trading station:
- Specify a name for the trading station. This name only labels the station within MFT Gateway with a user-friendly name and is not used in AS2 message communication, so specify a descriptive name such as ‘Acme AS2 Production’. If, for any reason, you decide to use an external identifier, say ‘08111999US00’, as your AS2 ID (specified next), this ‘name’ will be easier to relate to.
- Specify an AS2 identifier. This is the identifier used to identify the MFT Gateway station, analogous to an email address, and used within AS2 message communication. It has to be unique among a set of agreed partners, and also within the MFT Gateway service (which the Gateway will ensure at creation time).
Note: Spaces, backslashes or double quotes are not allowed in the station AS2 identifier. Its length should be between 1 and 128 characters (inclusive).
- Specify an email address for the station. It will be used in the From header of sent messages (not AS2-From, which is the AS2 identifier). It will also be used to send email notifications to you regarding the station, such as incoming messages or sending failures.
- Choose if you want to utilize a static IP address for your messages, and if you want to receive messages larger than 3 MB in size. These are optional, value-added services, and would require a Business or Enterprise level subscription to retain after your Free trial ends.
- Under ‘Advanced Options’, choose if you would like to receive an email notification on receipt of each AS2 message to this station. You can also enable email notifications for send failures, e.g. where a Partner endpoint has been unavailable to accept a queued message and all automatic retries have failed.
2.2 Certificate configuration
Next, configure the certificate details for your Station. The following screen shows the generation and use of a self-signed certificate, which is the most common option used by most organizations. AS2 certificates do not require a third-party Certification Authority (CA) to sign them. However, users can choose to get the certificates signed if the remote Partners require it. Using self-signed certificates incurs no additional costs, such as the fees third-party CAs charge for certificate signing.
If you already have a keystore containing a key-pair and certificate, you may choose to upload it by sliding the ‘From Existing Keystore’ option. If you have already imported such a key-pair and certificate previously, you can select the entry from your certificate store by sliding the ‘Select from Certificate Store’ option.
Note: These fields follow the general certificate attributes as defined in RFC 5280.
- Specify a common name for the new certificate. This can be your name or domain name; for example, “John Doe” or “www.acme.com”.
- Specify your organization unit. This can be something like a division or department name in your organization; for example, “Information Technology”.
- Specify your organization. This can be your company name; for example, “Acme Ltd.”.
- Specify your city; for example, “Houston”.
- Specify a state; for example, “Texas”.
- Select your country from the drop-down list.
- Select a preferred key length.
- Select the certificate validity period. Once this period has expired, you would need to generate a new certificate and share it with your partners again.
- Enter a password for the certificate.
Note: It is recommended to leave the key length at 2048, and the validity at 5 years, unless you have any specific reasons.
Once the certificate configuration is complete, go ahead and submit the form by clicking on the Create button.
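For the ‘From Existing Keystore’ route, a keystore with the same attributes as the form above (RSA 2048, 5 years, self-signed, password protected) can be built locally with OpenSSL. This is an added example, not MFT Gateway's own tooling: the PKCS#12 upload format, the file names, the ‘acme_prod’ alias and the subject values are assumptions or constructed samples.

```shell
#!/bin/sh
# Added example (not MFT Gateway code). Subject values, file names and the
# 'acme_prod' alias are constructed; PKCS#12 as the upload format is an assumption.
set -eu

# Usage: KEYSTORE_PASS=... make_station_keystore <output-dir>
# The body runs in a subshell so the umask change does not leak to the caller.
make_station_keystore() (
    out=$1
    : "${KEYSTORE_PASS:?export KEYSTORE_PASS first}"  # read from env, never from argv
    subj='/C=US/ST=Texas/L=Houston/O=Acme Ltd./OU=Information Technology/CN=www.acme.com'
    umask 077   # key material readable by the owner only

    # Self-signed certificate: RSA 2048, SHA-256, valid 5 years (1825 days).
    # The private key is written encrypted under the same password.
    openssl req -x509 -newkey rsa:2048 -sha256 -days 1825 -subj "$subj" \
        -passout env:KEYSTORE_PASS \
        -keyout "$out/station.key" -out "$out/station.crt" 2>/dev/null

    # Bundle key and certificate into a password-protected PKCS#12 keystore.
    openssl pkcs12 -export -name acme_prod \
        -inkey "$out/station.key" -passin env:KEYSTORE_PASS \
        -in "$out/station.crt" -passout env:KEYSTORE_PASS \
        -out "$out/station.p12"
    rm -f "$out/station.key"   # the keystore now holds the only copy of the key
)

# Key size in bits, as recorded in the certificate.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# Succeeds only if the certificate's signature verifies under its own key.
cert_is_self_signed() { openssl verify -CAfile "$1" "$1" >/dev/null 2>&1; }

# SHA-256 fingerprint, for comparing with a partner over a separate channel.
cert_fingerprint() { openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2; }

# Succeeds only if the keystore opens with the password in KEYSTORE_PASS.
keystore_opens() { openssl pkcs12 -in "$1" -passin env:KEYSTORE_PASS -nokeys >/dev/null 2>&1; }

# Run as a script: KEYSTORE_PASS=... ./make-keystore.sh <output-dir>
if [ "$#" -gt 0 ]; then
    make_station_keystore "$1"
    cert_fingerprint "$1/station.crt"
fi
```

Only station.crt is meant to be shared with partners; station.p12 and its password stay with the station owner.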
3 AS2 Station Listing
Once you add the station, you will be directed to the AS2 station listing page, from which you can view the partner configuration of the station just created.
You can delete a station by clicking the delete icon in the top right corner of the station card. The action icons at the bottom allow you to ‘Manage Station Details’, ‘View Partner Configuration’, and to navigate to the Received, Sent, Queued and Failed messages for the station.
3.1 Partner Configuration of an AS2 Station
Click on the ‘View Partner Configuration’ button from the action panel of the trading station card. This shows you the configuration that you need to share with your partners.
You can use the Share Partner Configuration option to share this configuration with your partner via email. This will create an email with the AS2 ID of the station, the URL to be used, the Certificates as a Zip file attachment, and any IP address, etc., if applicable.
Now that we have created a trading station, the next step would be to add a partner so that we can start communicating.