add partner icon

Adding a Trading Partner

Version: latest

Defining partners on AS2 Gateway allows you to send messages to your trading partners and receive messages from them.

In order to configure a partner, you first have to obtain some information from the respective trading partner, such as AS2 identifier, recipient URL, certificates and so forth. (In fact, these are the configurations of a trading station declared on the remote partner’s side; similar to the Partner Configuration that we saw on our own local trading station page in the previous section).

To add a partner, first go to the partners view using the Partners icon on the left navigation menu. Then on the page header (top bar), click on New Partner button.

partner nav pointed

Now you need to fill the required information to configure the trading partner you are about to add.

partner add
  1. Specify a name for the trading partner. This is just a textual identifier for you to easily distinguish this partner from others in the partners list; it will not actually be used in AS2 message communication.

  2. Specify the AS2 identifier of the partner. This has to be obtained from the partner.

    You cannot change this partner AS2 identifier value later!
  3. Specify the partner URL which will be used to send messages to this partner (in other words, the partner would be listening on this URL for incoming messages). This must be a HTTP or HTTPS URL (starting with http:// or https://).

  4. If the partner’s URL is a HTTPS one (https://), you may want to also add the HTTPS certificate for that endpoint, under the HTTPS (TLS/SSL) section - especially if the partner is using a self-signed HTTPS certificate, or a certificate issued by a certificate authority that AS2 Gateway does not currently trust.

    To ensure that the URL and any required HTTPS certificates are configured correctly, it is highly recommended that you click the Test button to verify your configuration before creating the partner. This checks basic connectivity to your partner’s endpoint (without sending any data) using the configured URL and certificates.
    If your partner has a HTTPS (https://) URL and they have provided two certificates (one of them would usually be the encryption certificate), double-check what the second certificate is for - it may either be a HTTPS certificate, or a signature certificate. There is no sure-fire way to identify the type, so we recommend that you check with your trading partner if the second certificate’s type/purpose is unclear.
  5. Upload the partner’s public certificate. AS2 Gateway will use it to encrypt messages being sent to the partner (if encryption is enabled for outgoing messages), and possibly also to verify signatures of incoming messages (see below).

    Alternatively, if the certificate has already been uploaded previously, you can turn off the Upload New toggle and select it via the Select from Certificate Store dropdown.

    If your partner has sent you multiple certificates, make sure that you correctly identify and assign each one as the encryption, signature and/or HTTPS (SSL/TLS) certificate; otherwise, communication could fail in complicated ways.
  6. If the partner has provided or indicated another "signing", "signature", or "verification" certificate, turn on the Use different certificate as sign certificate toggle and upload/select it as appropriate.

    This only applies if your partner uses two different certificates for signing outgoing messages and decrypting incoming messages.

    If you are new to AS2 messaging, we recommend you to go with the same certificate for both signing and encryption (keeping the Use different certificate as sign certificate toggle turned off), unless your partner has explicitly requested otherwise. Refer to this section under Advanced Partner Settings for more details.

    If your partner has a HTTPS (https://) URL and they have provided two certificates (one of them would usually be the encryption certificate), double-check what the second certificate is for - it may either be a signature certificate, or a HTTPS certificate. There is no sure-fire way to identify the type, so we recommend that you check with your trading partner if the second certificate’s type/purpose is unclear.
  7. If your partner has provided any trust (chain) certificates for encryption and/or signing, add them under the Chain Certificates section. Without these, the respective certificates may be rejected (i.e. not trusted) by AS2 Gateway.

    Once added, chain certificates will remain in your certificate (trust) store and get "applied" to all your trading partners; if you update the partner later, you do not need to select/upload them again.
  8. Then we have the Advanced Options. We’ll skip these for now.

    Refer to the Advanced Partner Settings reference for more information on the advanced options.
    Partner Configuration: Advanced Options

Finally click the Save button to submit the form.

Once the partner is ready, you can proceed to send your first message!

In this topic
In this topic