Altova FlowForce Server 2024 Advanced Edition

Partner Name

Required field. A name that identifies the trading partner to FlowForce Server. This name appears throughout the FlowForce graphical user interface to help you identify this trading partner.

Partner Description

Optional field. Free description text about the partner organization (for example, postal address, contact person, and so on).

AS2 name

Required field. When FlowForce Server sends AS2 data, this value identifies the receiver of the data exchange (the value of the "AS2-To" header). When FlowForce Server receives AS2 data, this value identifies the sender of the data exchange (the value of the "AS2-From" header).

This name is usually agreed between AS2 trading partners and must be unique system-wide, see also RFC 4130, §6.2.

AS2 Name

Required field. When FlowForce Server sends AS2 data, this value identifies the sender of the data exchange (the value of the "AS2-From" header). When FlowForce Server receives AS2 data, this value identifies the receiver of the data exchange (the value of the "AS2-To" header).

This name is usually agreed between AS2 trading partners and must be unique system-wide, see also RFC 4130, §6.2.

Receive messages

Optional field. Select this check box to allow FlowForce Server to receive messages from this AS2 partner.

If you are creating an AS2 partner to whom you will only be sending AS2 data and from whom you will not receive AS2 data, clear this check box.

This helps avoid errors when there is more than one partner with the same "Local AS2 Name" and "AS2 Name" pair. If that happens, you will be able to receive AS2 messages only from the partner for which this check box is selected.

Request URL

Required field. This field must specify the partner URL to which AS2 messages will be sent, for example: http://example.org:8080/as2/HttpReceiver.

The value must start with "http://" or "https://".

Redirect Mode

Optional field. For security reasons, you may want to disallow that HTTP requests be redirected, or only allow redirection on the same host. Valid values:

•No redirection allowed [Default]

•Redirection on the same host

•Arbitrary redirection (set this value if you want to allow redirection, even across different hosts)

Use chunked transfer encoding

Optional field. Valid values:

•Yes: FlowForce is allowed (but not forced) to use chunked transfer encoding for sending. If you enable this option, it is expected that the receiving system also supports chunked transfer encoding.

•No [Default]: FlowForce can only use Content-Length and connection close to indicate end of content.

HTTP Authentication Credential

Optional field. Only applicable if the partner's URI requires basic HTTP authentication. Enter here the HTTP credentials required to authenticate with the partner's server. You can also define the HTTP credentials from a dedicated page, as credential records, and then refer to them from this page, see Credentials.

Note: FlowForce Server sends the credentials preemptively.

Timeout

Optional field. Specifies a value in seconds after which the server will time out if no response is received. Default is system specific.

Use Compression

Optional field. Select this check box if FlowForce Server should compress AS2 data before sending it to partner.

Algorithm

Optional field. Specifies the symmetric algorithm to be used for encryption. Valid values:

•DES

•3DES [Default]

•AES-128

•AES-192

•AES-256

•RC2-40

•RC2-64

•RC2-128

•RC4-40

•RC4-128

Partner Certificate

Required field. Specifies the certificate to be used for AS2 message encryption. This must be a public certificate that you received from your trading partner and then imported into FlowForce Server, see Configuring AS2 Certificates.

Algorithm

Optional field. Specifies the algorithm(s) that a partner is allowed to use when encrypting messages sent to your organization.

If the trading partner uses another algorithm or one that is not selected, then FlowForce Server will send an error MDN and the job will not be started. The error MDN in this case includes a text like: "automatic-action/MDN-sent-automatically ; failed / error: insufficient-message-security"

Valid values for this field are:

•DES

•3DES

•AES-128

•AES-192

•AES-256

•RC2-40

•RC2-64

•RC2-128

•RC4-40

•RC4-128

Local-Side Certificate

Required field. Specifies the certificate to be used for AS2 message decryption. This must be a reference to a certificate with a private key that was previously imported into FlowForce Server, see Configuring AS2 Certificates. In FlowForce, such objects appear with the type "certificate + private key", like the second in the image below:

Algorithm

Required field. Specifies the hash algorithm for computing the signature MIC (message integrity check). Valid values:

•MD5

•SHA-1 [Default]

•SHA-224

•SHA-256

•SHA-384

•SHA-512

Local Side Certificate

Required field. Specifies the certificate issued by your organization for signing AS2 messages and MDNs sent to this partner. This must be a reference to a certificate with a private key that was previously imported into FlowForce Server, see Configuring AS2 Certificates. In FlowForce, such objects appear with the type "certificate + private key", like the second in the image below:

Algorithms

Required field. Specifies the algorithm(s) that should be used to compute the signed message hash in signature. If the trading partner does not use one of the algorithms below then FlowForce Server will return an MDN with an error text like: "automatic-action/MDN-sent-automatically ; failed / error: insufficient-message-security" . Also, the message will not be accepted and processed in this case.

Valid values:

•MD5 [Default]

•SHA-1 [Default]

•SHA-224 [Default]

•SHA-256 [Default]

•SHA-384 [Default]

•SHA-512 [Default]

Partner Certificate

Conditional field. Specifies the certificate to be used for verifying the signature of messages and MDNs sent by partner. This must be a public certificate that you received from your trading partner and then imported into FlowForce Server, see Configuring AS2 Certificates.

If the Request Signed MDN check box is enabled, then this field must be set also.

Request MDN

The option Synchronous means that FlowForce will request that the partner send a synchronous MDN in reply to the AS2 message. To request no MDN, click Delete and remove this block of options.

Note: Asynchronous MDNs are currently not supported, see Limitations.

Request signed MDN

Optional field. Select this check box to request a signed MDN from the trading partner, see Message Disposition Notification.

Compress Data

Conditional field. When Use Compression option is enabled, this option specifies if compression should occur before or after data is signed for transmission to an AS2 partner.

For outgoing messages, the option selected must be one that your AS2 partner supports.

In case of incoming messages (that is, if FlowForce Server receives messages from other partners), this option is irrelevant—FlowForce Server will decompress messages regardless of whether they were compressed before or after signing.

MIC Verification Algorithm

Conditional field. This field is applicable if the Request MDN option is set (see above). It specifies what algorithm FlowForce Server should use when verifying or computing the MIC (message integrity check) used for AS2 MDN (see also RFC 4130 §7.3.1).

For interoperability reasons, you may need to choose Use algorithm of MDN signature if the AS2 partner runs Microsoft BizTalk. Choose Use algorithm of original message signature if the AS2 partner runs mendelson AS2.

When both communicating AS2 servers run FlowForce Server, this option must be identical for both.

The value of this field can also make a difference when an algorithm other than SHA-1 is used for signature MIC in AS2 message or in MDN, (SHA-256, for example).

Convert message to canonical form

When this check box is selected, FlowForce Server will reformat the MIME message according to MIME rules for canonical message form, which includes MIME headers and sometimes the message body.

Use the text box below this option to specify a comma separated list of additional content types for which the message body must be reformatted to canonical form. The list of accepted types supports wildcards, similar to the HTTP Accept header and matches exactly the accept parameter of is-mime-content-type expression function.

Messaged bodies will be reformatted to canonical form in the following conditions:

1. When the MIME header Content-Transfer-Encoding has value "base64" (case insensitive).

2. When the MIME header Content-Transfer-Encoding is "7bit", "8bit", "quoted-printable" (all case insensitive) and Content-Type is text/* (which includes text/plain and anything that starts with text/).

3. When the MIME header Content-Transfer-Encoding is "7bit", "8bit", "quoted-printable" (all case insensitive) and Content-Type is one of those defined in the text box mentioned previously.

4. In case of multipart messages, both the prolog and epilog will be reformatted, and the same process will be applied to all parts, according to their headers.

Message bodies of messages where Content-Transfer-Encoding is "binary" are not reformatted to canonical form. Note that the default Content-Transfer-Encoding for AS2 is "binary", that is, when the header is not present, then "binary" is assumed and the body is never reformatted to canonical form.

For message headers, the canonical form is as follows:

1. Headers are terminated by CR LF end line characters.

2. Headers are unfolded (the whole header with its value takes only one line).

3. The header and its value are separated by a colon followed by one space character : .