Setting Up FTP/S for a Trading Partner
6. Select FTP/S from the Transport Type list
7. Configure the options listed in the table below.
Outbound FTP/S Settings
Field: Description
Transport Name: An identifier for these transport settings.
URL: The URL for the directory on the FTP server, which is ftp://host_name:port/path_name/, where
● host_name is the name of the machine (server) where the FTP server is running
● port is the port on the machine on which the FTP server is listening
● path_name is the relative path that starts from the base directory of the FTP server
Server Certificate: (FTPS only) The partner’s certificate used to encrypt transport communication.
Data Transfer: The format for transferring files: ASCII or Binary.
Username: The user name for the trading partner’s FTP server.
Password: The password for the trading partner’s FTP server.
File Processing: The mechanism for deciding which files to retrieve. There are two choices:
● File Mask: Select it to control file renaming. Enter a mask in the File Mask field.
● Script: Select it for processing files. Specify a script in the Scripts field.
File Mask: (FTPS only) The mask that controls file renaming. The value entered in the field works as a template for the actual file name. For more information, see Supported File Mask Options.
Output File Mask: (FTP only) The mask that controls file renaming. The value entered in the field works as a template for the actual file name. For more information, see Supported File Mask Options.
Scripts: Specify an FTP script. For information on how to write scripts, see Scripts, and see File Specification Dialog for information on how to upload a script.
Scripts Engine: Use the Nashorn scripts engine to execute custom scripts.
Secure Transport Mode: (FTPS only) The secure protocol employed in the transport layer. SSL stands for Secure Sockets Layer. TLS stands for Transport Layer Security and is the successor of SSL v3. It is an open standard under RFC 2246.
Retry Count: Number of retries.
Retry Interval: Time between retries.
PGP Processing: When PGP processing is selected, the PGP keys used for the processing are configured in the Outbound Document Exchange portion of the Document Security tab for a Business Agreement. These settings do not take effect if an FTP script is uploaded and used. If the FTP script is used, the PGP options are set up in the script using the PGP API.
Sign: Specifies whether the files have to be signed.
Encrypt: Specifies whether the files have to be encrypted.
Compress: Specifies whether the files have to be compressed.
Compression Algorithm: Selects the compression algorithm: ZIP or ZLIB.
ASCII Armor: Specifies whether the files have to be sent in the ASCII armor format.
8. Click Add.
AS2 Transport
This chapter describes how to use AS2 Transport for document exchange.
AS2 Transport Overview
AS2 (Applicability Statement 2) is the name given to implementations of RFC 4130 (MIME-Based Secure Peer-to-Peer Business Data Interchange Using HTTP) from the IETF. AS2 involves the exchange of documents over the internet using S/MIME, HTTP, and HTTPS.
AS1 and AS2 are widely recognized standards for the exchange of documents between businesses. These standards allow users to exchange data securely and reliably using the internet, which reduces costs for users by eliminating the need for VANs (Value Added Networks).
To date, over 25 different companies offer products which support AS1 or AS2 or both. These products have all undergone interoperability testing facilitated by Drummond Group Inc. and are certified by eBusinessReady as being interoperable.
AS2 Transport allows you to exchange documents over the Internet using S/MIME and HTTP/S. When using AS2, data is encoded in a MIME message according to the Internet Engineering Task Force (IETF) AS2 RFC standard (RFC 4130).
Message Compression
Compression is available for large AS2 messages if a trading partner can send AS2 messages according to the IETF AS2 standard (RFC 4130) and the trading partner's AS2 product has passed interoperability testing with the Drummond Group.
There are different algorithms that can be used for compression of MIME messages. The Drummond Group AS2 interoperability test specification calls for a particular specification (draft-ietf-ediint-compression-12) to be followed when doing compression.
For large messages, compression is highly recommended. Do not use compression on smaller messages, since this might create a compressed message that is larger than the original.
Attachments
AS2 Transport supports single and multiple attachments in messages when used with TIBCO BusinessConnect Container Edition Services Plug-in (EZComm protocol).
AS2 MIME messages with attachments, described in RFC 6362 (Multiple Attachments for Electronic Data Interchange - Internet Integration (EDIINT)), are constructed in a single multipart/related MIME body part. The message payload is the first body part and any attachments are contained in subsequent body parts. Header elements indicate whether a message has an attachment and the type of attachment.
Filename Preservation
Some back-end systems require that data to be processed be stored in files with particular filenames. So for some trading partners it might be necessary to associate filenames with the contents of messages you send to them.
For AS2 messages, there is a draft specification (http://tools.ietf.org/id/draft-harding-ediint-filename-preservation-03.txt) that has been written to address this problem. The filename preservation draft specification requires that systems which conform to the specification provide the ability to specify the filename for storing the message content in the filename parameter of the Content Disposition header.
For inbound messages, the ability to pass the filename from the Content Disposition header to the back-end systems must be provided.
Some TIBCO BusinessConnect Container Edition protocols also provide the ability for the private process to specify a filename to be used as the value of the filename parameter in the Content Disposition MIME header of outgoing MIME messages, including AS2 messages.
TIBCO BusinessConnect Container Edition protocols which support specifying the filename value for the Content Disposition header will also pass the value of the filename parameter from the Content Disposition header of inbound AS2 messages to the private process.
See the User's Guide of the TIBCO BusinessConnect Container Edition protocol you are using to verify whether it supports passing the Content Disposition header filename to/from the private process.
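The filename parameter is supplied by the trading partner, so a private process that stores message content under it can first reduce it to a bare name. The following is an added example, not code from the product; the function names, the fallback name and the sample body parts are assumptions made for illustration.

```python
import re
from email import message_from_bytes

FALLBACK = "as2-message.dat"  # hypothetical default when no usable name remains


def sanitize_filename(raw: str, fallback: str = FALLBACK) -> str:
    """Reduce a partner-supplied filename to a bare, storable name."""
    name = re.split(r"[\\/]", raw)[-1]            # drop any directory part
    name = re.sub(r"[^A-Za-z0-9._-]", "_", name)  # keep a conservative character set
    name = name.lstrip(".")[:128]                 # no dot-only names, bounded length
    return name or fallback


def preserved_filename(mime_part: bytes) -> str:
    """Read the filename parameter of Content-Disposition from a MIME body part."""
    raw = message_from_bytes(mime_part).get_filename()
    return sanitize_filename(raw) if raw else FALLBACK


# Constructed inbound body parts (not captured traffic).
PLAIN = (b"Content-Type: application/edi-x12\r\n"
         b'Content-Disposition: attachment; filename="PO_850.edi"\r\n\r\nISA*00~')
NESTED = (b"Content-Type: application/edi-x12\r\n"
          b'Content-Disposition: attachment; filename="../../inbox/PO_850.edi"\r\n\r\nISA*00~')
MISSING = b"Content-Type: application/edi-x12\r\n\r\nISA*00~"

if __name__ == "__main__":
    for part in (PLAIN, NESTED, MISSING):
        print(preserved_filename(part))
```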
AS2-HTTP and AS2-HTTPS
TIBCO BusinessConnect Container Edition AS2 Transport provides the ability to communicate with trading partners using AS2-HTTP/S. The following options are available:
● Authentication Supported through digital signatures.
● Security Supported through message encryption.
● Non-repudiation Supported through digital signatures and message receipts.
● Filename Preservation Supported through the use of the filename parameter in the Content Disposition header as specified in the draft-ietf-ediint-filename-preservation-02 specification.
● Compression Supported through the compression option as specified in the draft-ietf-ediint-compression-12 specification.
Synchronous request-response transactions are not supported with AS2-HTTP or AS2-HTTPS.
Message Digest Algorithm
The AS2 specification, RFC 4130, recommends that the SHA-1 hash algorithm be used to calculate the message digest for all outbound messages. By default, the TIBCO BusinessConnect Container Edition AS2 transport will always use the SHA-1 hash algorithm regardless of the Digest Algorithm setting for the business agreement.
For messages with multiple attachments, the message digest is calculated over the whole multipart MIME package, not just the message payload, as described in RFC 3335 (MIME-based Secure Peer-to-Peer Business Data Interchange over the Internet) and RFC 5402 (Compressed Data within an Internet Electronic Data Interchange (EDI) Message).
To override the default use of SHA-1 for the hash algorithm by the AS2 transport, you can set the TIBCO BusinessConnect Container Edition property bc.ediint.digestAlgorithmEnabled as follows:
● If bc.ediint.digestAlgorithmEnabled is set to true, the AS2 transport will use the digest algorithm that is specified in the business agreement Document Security settings.
● If bc.ediint.digestAlgorithmEnabled is false (the default), the AS2 transport will ignore the digest
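The following added example (not code from the product) shows why the digest covers the whole multipart package: when only an attachment changes, a payload-only digest stays the same while the package digest does not. The helper names, boundary string and sample data are assumptions; effective_algorithm models the property behaviour described above.

```python
import base64
import hashlib
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart


def effective_algorithm(digest_algorithm_enabled: bool, agreement_algorithm: str) -> str:
    """Model of the rule above: SHA-1 unless the property is set to true."""
    return agreement_algorithm if digest_algorithm_enabled else "sha1"


def build_package(payload: bytes, attachment: bytes) -> bytes:
    """Constructed multipart/related package: payload first, attachment second."""
    pkg = MIMEMultipart("related", boundary="as2-example-boundary")
    for name, data in (("order.edi", payload), ("terms.txt", attachment)):
        part = MIMEApplication(data, "octet-stream")
        part.add_header("Content-Disposition", "attachment", filename=name)
        pkg.attach(part)
    # Serialize with CRLF line endings so the digest input is stable.
    return pkg.as_bytes(policy=pkg.policy.clone(linesep="\r\n"))


def mic(content: bytes, algorithm: str) -> str:
    """Base64-encoded digest of the given bytes."""
    return base64.b64encode(hashlib.new(algorithm, content).digest()).decode("ascii")


# Constructed sample data: same payload, attachment changed in transit.
PAYLOAD = b"ISA*00*constructed sample payload~"
ORIGINAL = build_package(PAYLOAD, b"net 30 days")
ALTERED = build_package(PAYLOAD, b"net 90 days")

if __name__ == "__main__":
    alg = effective_algorithm(True, "sha256")
    print("payload-only digest (unchanged):", mic(PAYLOAD, alg))
    print("package digest, original       :", mic(ORIGINAL, alg))
    print("package digest, altered        :", mic(ALTERED, alg))
```

SHA-1 collisions have been demonstrated in practice, which is the usual reason to set the property to true and select a SHA-2 digest in the business agreement where the partner supports it.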
Disabling Session Cache for HTTPS
HTTPS (SSL) transport endpoints (HTTPS, AS2-HTTPS) use an internal SSL transport cache to significantly improve the performance of negotiating security parameters while establishing trusted connections.
In some situations, problems might arise when third party server implementations are not able to properly handle cached sessions or renegotiation of security properties at the beginning of each application level communication session. For example, the Initiator always wants to ensure that the peer's credential is the one that is trusted and hasn't changed during any cached session.
The cache usually holds successfully negotiated security parameters for about 20 minutes, which means that large numbers of transactions between the Initiator and any given trading partner will require a credential renegotiation in approximately 20 minutes.
In order for BusinessConnect Container Edition to enforce the renegotiation of the peer's credentials, the Disable Session Cache check box can be selected for any individual outgoing transport. When it is selected, each time TIBCO BusinessConnect Container Edition has business data to be delivered to the corresponding trading partner, the peer's credentials are requested and reverified.
For more information and the right location for disabling and enabling the session cache, see bc.ssl.disableSessionCache.
AS2 Identifiers
TIBCO BusinessConnect Container Edition provides the ability to communicate with trading partners using AS2-HTTP and AS2-HTTPS. For AS2 transport, two headers are added in addition to the HTTP headers: AS2-From and AS2-To. When TIBCO BusinessConnect Container Edition sends an AS2 MIME message, the message’s AS2-From and AS2-To fields are set to the AS2 Identifier values entered during configuration of the trading partners. AS2 identifiers are selected in the AS2 Identifier list in the Partner Management > Partners > Partner Name > Protocol > Edit Configurations > General tab.
If the AS2 Identifier lists are left blank, an error is displayed indicating that the AS2 trading partner identifier is missing.
Sending and Receiving
When a document is sent from a host to a partner using AS2, the header AS2-From contains the value agreed for the trading host and the header AS2-To contains the value agreed for the trading partner.
When an AS2 message is received by TIBCO BusinessConnect Container Edition, the AS2-To header is matched against the AS2 Identifier value entered for the host, and the AS2-From header is matched against the AS2 Identifier entered for the partner. If there is no match, then an error is logged to indicate that an AS2 message was received from an unknown trading partner.
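The inbound matching described above, as an added example that is not code from the product. It follows RFC 4130 in treating identifiers as case-sensitive and in allowing a quoted form for identifiers that contain spaces; the identifier values, partner table and function names are constructed for illustration.

```python
import re
from email import message_from_bytes

HOST_AS2_ID = "HostCo AS2"                            # constructed host identifier
PARTNER_AS2_IDS = {"partner-one": "Partner One Ltd"}  # constructed: AS2 id -> partner
UNKNOWN = "AS2 message received from an unknown trading partner"


def as2_name(value):
    """Strip optional quoting (and its backslash escapes) from an AS2 identifier."""
    value = (value or "").strip()
    if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
        value = re.sub(r'\\(["\\])', r"\1", value[1:-1])
    return value


def match_inbound(raw_headers: bytes):
    """Return (partner, status); partner is None when either header fails to match."""
    msg = message_from_bytes(raw_headers)
    to_id = as2_name(msg.get("AS2-To"))      # must equal the host's identifier
    from_id = as2_name(msg.get("AS2-From"))  # must be a configured partner identifier
    # Exact, case-sensitive comparison: "Partner-One" is not "partner-one".
    if to_id != HOST_AS2_ID or from_id not in PARTNER_AS2_IDS:
        return None, UNKNOWN
    return PARTNER_AS2_IDS[from_id], "matched"


# Constructed header sets.
GOOD = b'AS2-From: partner-one\r\nAS2-To: "HostCo AS2"\r\n\r\n'
WRONG_CASE = b'AS2-From: Partner-One\r\nAS2-To: "HostCo AS2"\r\n\r\n'
WRONG_HOST = b"AS2-From: partner-one\r\nAS2-To: OtherHost\r\n\r\n"
NO_HEADERS = b"Content-Type: application/edi-x12\r\n\r\n"

if __name__ == "__main__":
    for sample in (GOOD, WRONG_CASE, WRONG_HOST, NO_HEADERS):
        print(match_inbound(sample))
```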
Adding AS2 Identifiers