The definitive guide to setup on Windows

damon

Is this you?
Hands sore from banging the keyboard.
Monitor has a dint in it from being knocked off the table.
Space bar no longer works due to damage from hand.
Every second word starts with an F and ends in ING.

If it is then I hope that this will help. Setting up MEC isn’t that hard but you need to make sure of a few simple rules.

1. Check your spelling.
2. Do what this says.
3. See rule 1.

For example you can waste hours trying to work out why this doesn’t work (I know I did)

http://abc.com/as2/httpreceiver Don’t use this link it is just an example

In total desperation you cut and paste what it says and it does work.

http://abc.com/as2/HttpReceiver Don’t use this link it is just an example

httpreciever is not the same as HttpReceiver nor is Httpreceiver

This is just an example of how careful you should be.

OK let’s set up the AS2 server and then the https server.

What we need.

NOTE : Do not cut and paste code from this page as it will not work, you must do it from your own system, using your files. I have had to change this so they display and if you paste them they will fail.
I hope you can cut and paste the links below however.

First you need to download a bit of stuff.

http://sourceforge.net/project/showfiles.php?group_id=163866&package_id=...

And download install_mendelson_opensource_as2_1.1b27.exe

Don’t download the zip – this guide will only work for the .exe

Only download version b27 as there are changes since v25 which do not work for this guide.

Save it to your desktop.

Next you will need portecle from this page

http://sourceforge.net/project/showfiles.php?group_id=118439&package_id=...

And download portecle-1.4.zip , save it to your desktop.

Lastly you need to have Java installed on your computer. As it turned out I didn’t have the right version but in the installation it did download it for me. If you do have Java on your machine then just follow the below and update Java when requested. If you don’t have JAVA then go to the website and download it. It is pretty big but everything works with JAVA so you will need it.

http://java.com/en/download/index.jsp

Set it all up

In this example I will show you how to set up two systems so you can test it yourself. I will use the names Main system and test system. If you don’t have two computers then you are on your own or maybe someone else could use this guide and alter it to make a new thread.

Let’s make the computer we just downloaded everything onto the Main system.

On the desktop of the main system you will find portecle-1.4.zip just double left click on it and your ZIP program will show you the folder “portecle 1.4”, drag and drop it onto your desktop.

That wasn’t too hard was it, you just installed portecle, and you can delete that ZIP file now.

On the desktop of the main server you will find install_mendelson_opensource_as2_1.1b27.exe, double left click on it and follow the prompts. Install it to the C drive as I will be referring to this during the guide. The only alteration you should make is the location of the short-cuts – put these onto your desktop.

Once it is done you will have AS2, AS2stop and “Uninstall AS2” all on the desktop of the main computer. Do NOT delete the exe file.

Create a shortcut to this folder “C:\mendelson\opensource\as2” and put it on your desktop.

Rearrange all the icons so they are on your desktop neatly.

Not too hard again, this has basically installed the MEC AS2 server on your machine. We need to tweak it a bit but as far as the installation is concerned we are done.

Open ports and firewalls

Configure your router so it forwards ports 8083 and 443 to the main system and ports 8084 and 8443 to the test system.
I found it easier just to turn the firewall off at this stage, do all the setting and testing and then turn the firewall back on so it could allow everything in one go.

Configuring the main system

There really isn’t much to do here even though it does go for a while but I have spelt everything out really carefully so a lot of it is repeated.

Open the shortcut to C:\mendelson\opensource\as2 and open the folder to jetty and then to etc. In this folder you will find jetty.xml. Right click on this and left click on “open with” then click on “note pad”

Don’t be scared it is pretty simple what we need to do.

Scroll down about a page and find this

< !-- ======================== -->
< !-- Set connectors -->
< !-- ======================================== -->
< !-- One of each type! -->
< !-- ======================================== -->

Directly under this you will find the block below. Change the ports ONLY to these

< Call name="addConnector">
< Arg>
< New class="org.mortbay.jetty.nio.SelectChannelConnector">
< Set name="port">< SystemProperty name="jetty.port" default="8083"/>< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="Acceptors">2< /Set>
< Set name="confidentialPort">443< /Set>
< /New>
< /Arg>
< /Call>

NOTE : Do not cut and paste code from this page as it will not work, you must do it from your own system, using your files. I have had to change this so they display and if you paste them they will fail.

Don’t touch anything else. Close the window and you will be asked if you want to save the file – click on YES.

What this has done is configure MEC to port 8083 for normal AS2 and port 443 for https (which we will finish the setup for later).

Close the etc window.

On the desktop on the main system you will find a folder called “portecle 1.4” open this folder. In the folder you will find “portecle.jar”, double left click on it. It will show you some keys for a few seconds and then the main screen. If you don’t have JAVA or have the wrong version it will tell you.

On the main screen of portecle Click on FILE and then on OPEN KEYSTORE FILE.

Use the menu to move to C:\mendelson\opensource\as2 and you will see “certificates.p12”, highlight it and click on OPEN. It will ask you for the password, type in “test” (without the quotes) and press enter.

(You cannot change the password so don’t worry about it)

Left click on the first entry and then right click on it and select DELETE, click on YES to confirm and then repeat for the other entries in the list. This will give us a blank key store to start with.

Now with AS2 it is all done with keys, your keys are used by you to set up the AS2 server and your certificates are used by your partners so they can read what you send them. In the reverse it works so you can receive files. A certificate is generated from the key pair.

Click on TOOLS and then on GENERATE KEY PAIR.

Make sure RSA is selected and the size is 1024 and click on OK. In a second you will be shown a screen where you enter in your information.

Make sure it is SHA1withRSA and change the validity to 3000

In the next three lines type in “main system” (no quotes)

Then type in your suburb, state, country code (2 letters only) and your email address. Then click on OK. Enter in the alias of “main system” (no quotes – in fact sick of typing in no quotes so just assume there are no quotes from now on) and click on OK and then click on OK again.

You have just made your keys for the main server. We now need to create a certificate for our test server to use

Highlight the line for main system, right click on it, and left click on EXPORT. Select “certificate chain” and “PKCS #7” and click on OK. Save it to your desktop, change the name to “main system.cer”, and click on EXPORT. Click on OK when the successful window appears.

Close portecle and click on YES to save the key store.

Close the portecle 1.4 folder window.

On the desktop on the main system you will find an icon for AS2, just double left click on it. You will get the Mendelson splash screen and then the main window will open.

Click on the partner button and then left click on the little green man for the Mendelson line. Left click on the DELETE icon (just up from there and to the right). I assume you have tested the connection with Mendelson during the process of trying to kill your keyboard.

Now left click on the green house

Local station is ticked
Name is “main system”
As2 id is “mainsystem”
Email address is your email address. (Doesn’t have to be the same as in the key store)

The AS2 ID is case sensitive and spaces count so tell your partners the exact id you have used. “mainsystem” is not the same as “MainSystem” or “mainSystem” or “main system”. When you do your real setup, write it down exactly and stick it to the computer case. You will forget, trust me…..

Click on the security tab and select “main system” from the list for both lines.

Click on the MDN tab

For the MDN url you will need to know your ip address or the web address that points to your IP address. If you use no-ip or a dynamic server then this is fine as well.

Fill it in so it looks like this

http://< your address >:8083/as2/HttpReceiver make sure you use HttpReceiver not httpreceiver

Click on OK

On the desktop on the main system you will find an icon for AS2stop, just double left click on it and it will close the AS2 window.

On the desktop on the main system you will find an icon for AS2, just double left click on it, this will reload the information and run your system.

Open internet explorer or your web browser program and type in this url

http://< your address >:8083/as2/HttpReceiver

You will get this display
mendelson opensource AS2 1.1 build 27

(c) 2000-2009 mendelson-e-commerce GmbH Berlin, Germany

You have performed an HTTP GET on this URL.
To submit an AS2 message, you must POST the message to this URL

Change the url from HttpReceiver to “start” and press enter. You will be asked for a username and password; type in guest for both and hit OK.

You will be shown the log page; it is pretty cool so have a play with it.

If you don’t get the above then turn off your firewall and try again, check your router for the port forwarding and try again. If all else fails read the above again and check everything.

If you do get the above (which I expect you will have) then that is it, you have successfully set up the main system. You don’t have any partners so let’s do that now and set up the “test system”.

Configuring the test system

Since you have already done it once this should be a snap.

First copy the install_mendelson_opensource_as2_1.1b27.exe from the desktop of the main system to the desktop of the test system, and then copy the portecle folder from the desktop of the main system to the desktop of the test system. Lastly copy the “main system.cer” from the desktop of the main system to the desktop of the test system.

On the desktop of the test system you will find install_mendelson_opensource_as2_1.1b27.exe, double left click on it and follow the prompts. Install it to the C drive as I will be referring to this during the guide. The only alteration you should make is the location of the short-cuts – put these onto your desktop.

Once it is done you will have AS2, AS2stop and “Uninstall AS2” all on the desktop of the test computer. You should save the EXE somewhere safe or delete it.

Create a shortcut to this folder “C:\mendelson\opensource\as2” and put it on your desktop.

Rearrange all the icons so they are on your desktop neatly.

Open the shortcut to C:\mendelson\opensource\as2 and open the folder to jetty and then to etc. In this folder you will find jetty.xml. Right click on this and left click on “open with” then click on “note pad”

Don’t be scared it is pretty simple what we need to do.

Scroll down about a page and find this

< !-- =========================================================== -->
< !-- Set connectors -->
< !-- =========================================================== -->
< !-- One of each type! -->
< !-- =========================================================== -->

Directly under this you will find the block below. Change the ports ONLY to these

< Call name="addConnector">
< Arg>
< New class="org.mortbay.jetty.nio.SelectChannelConnector">
< Set name="port">< SystemProperty name="jetty.port" default="8084"/>< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="Acceptors">2< /Set>
< Set name="confidentialPort">8443< /Set>
< /New>
< /Arg>
< /Call>

Don’t touch anything else. Close the window and you will be asked if you want to save the file – click on YES.

NOTE : Do not cut and paste code from this page as it will not work, you must do it from your own system, using your files. I have had to change this so they display and if you paste them they will fail.

What this has done is configure MEC to port 8084 for normal AS2 and port 8443 for https (which we will finish the setup for later).

Close the etc window.

On the desktop on the test system you will find a folder called “portecle 1.4” open this folder. In the folder you will find “portecle.jar”, double left click on it. It will show you some keys for a few seconds and then the main screen. If you don’t have JAVA or have the wrong version it will tell you.

On the main screen of portecle Click on FILE and then on OPEN KEYSTORE FILE.

Use the menu to move to C:\mendelson\opensource\as2 and you will see “certificates.p12”, highlight it and click on OPEN. It will ask you for the password, type in “test” and press enter.

(You cannot change the password so don’t worry about it)

Left click on the first entry and then right click on it and select DELETE, click on YES to confirm and then repeat for the other entries in the list. This will give us a blank key store to start with.

Now with AS2 it is all done with keys, your keys are used by you to set up the AS2 server and your certificates are used by your partners so they can read what you send them. In the reverse it works so you can receive files.

Click on TOOLS and then on GENERATE KEY PAIR.

Make sure RSA is selected and the size is 1024 and click on OK. In a second you will be shown a screen where you enter in your information.

Make sure it is SHA1withRSA and change the validity to 3000

In the next three lines type in “test system” (no quotes)

Then type in your suburb, state, country code (2 letters only) and your email address. Then click on OK. Enter in the alias of “test system” and click on OK and then click on OK again.

You have just made your keys for the test server. We now need to create a certificate for our main server to use

Highlight the line for test system, right click on it, and left click on EXPORT. Select “certificate chain” and “PKCS #7” and click on OK. Save it to your desktop, change the name to “test system.cer”, and click on EXPORT. Click on OK when the successful window appears.

Since we are here we may as well import the certificate for the main system.
Click on TOOLS and then on IMPORT TRUSTED CERTIFICATE

Use the list to select your desktop and highlight the “main system.cer” and click on IMPORT. Then on OK, OK and YES.
Enter in the alias of main system and click on OK and then again on OK.

That is how you add the certificate into your system when your partners send it to you.

Close portecle and click on YES to save the key store.

Close the portecle 1.4 folder window.

On the desktop on the main system you will find an icon for AS2, just double left click on it. You will get the Mendelson splash screen and then the main window will open.

Click on the partner button and then left click on the little green man for the Mendelson line. Left click on the DELETE icon (just up from there and to the right). I assume you have tested the connection with Mendelson during the process of trying to kill your keyboard.

Now left click on the green house

Local station is ticked
Name is “test system”
As2 id is “testsystem”
Email address is your email address. (Doesn’t have to be the same as in the key store)

When you do your real setup, write down the AS2 Id exactly and stick it to the computer case. You will forget it, trust me…..

Click on the security tab and select “test system” from the list for both lines.

Click on the MDN tab

For the MDN url you will need to know your ip address or the web address that points to your IP address. If you use no-ip or a dynamic server then this is fine as well.

Fill it in so it looks like this

http://< your address >:8084/as2/HttpReceiver make sure you use HttpReceiver not httpreceiver

Click on OK

We can now add the main system as a partner. Click on the partner button and click on NEW

Local station is NOT ticked
Name is “main system”
As2 id is “mainsystem”

Click on the security tab and select the “main system” from the list for the first two lines (it is the one that does NOT have the green key)
For the third line select SHA1 and for the fourth line select “no encryption”. Some of your partners will probably want encryption but for this example we are just going to use no encryption.

Click on the send tab,
For the receipt URL type in http://< your address >:8083/as2/HttpReceiver this is the url for the main system which we tested before on the other computer.

Leave everything else the same and click on OK.

On the desktop on the main system you will find an icon for AS2stop, just double left click on it and it will close the AS2 window.

On the desktop on the main system you will find an icon for AS2, just double left click on it, this will reload the information and run your system.

Open internet explorer or your web browser program and type in this url

http://< your address >:8084/as2/HttpReceiver

You will get this display
mendelson opensource AS2 1.1 build 27

(c) 2000-2009 mendelson-e-commerce GmbH Berlin, Germany

You have performed an HTTP GET on this URL.
To submit an AS2 message, you must POST the message to this URL

Change the url from HttpReceiver to “start” and press enter. You will be asked for a username and password; type in guest for both and hit OK.

You will be shown the log page.

If you don’t get the above then turn off your firewall and try again, check your router for the port forwarding and try again. If all else fails read the above again and check everything.

If you do get the above (which I expect you will have) then that is it, you have successfully set up the test system and partnered it with the main system.

Back to the main system to set up the partner.

Copy the “test system.cer” from the desktop of the test system to the desktop of the main system

On the desktop on the main system you will find a folder called “portecle 1.4” open this folder. In the folder you will find “portecle.jar”, double left click on it. It will show you some keys for a few seconds and then the main screen.

On the main screen of portecle Click on FILE and then on OPEN KEYSTORE FILE.

Use the menu to move to C:\mendelson\opensource\as2 and you will see “certificates.p12”, highlight it and click on OPEN. It will ask you for the password, type in “test” and press enter.

Click on TOOLS and then on IMPORT TRUSTED CERTIFICATE

Use the list to select your desktop and highlight the “test system.cer” and click on IMPORT. Then on OK, OK and YES.
Enter in the alias of test system and click on OK and then again on OK.

That is how you add the certificate into your system when your partners send it to you.

Close portecle and click on YES to save the key store.

Close the portecle 1.4 folder window.

On the desktop on the main system you will find an icon for AS2, just double left click on it. You will get the Mendelson splash screen and then the main window will open.

Click on the partner button and click on NEW

Local station is NOT ticked
Name is “test system”
As2 id is “testsystem”

Click on the security tab and select the “test system” from the list for the first two lines (it is the one that does NOT have the green key)
For the third line select SHA1 and for the fourth line select “no encryption”. Some of your partners will probably want encryption but for this example we are just going to use no encryption.

Click on the send tab,
For the receipt URL type in http://< your address >:8084/as2/HttpReceiver this is the URL for the test system which we tested before on the other computer.

Leave everything else the same and click on OK.

Done and let’s test it

On the main system click on file and then on “send file to partner”. Select the receiver as “test system” and then use the folder icon to locate a file to send. Make it something small as you don’t want to be waiting too long.

Click on OK and in a few seconds click on OK again.

Within a few seconds there are a lot of green lines shown in the main Mendelson window.

RED LINES

Ok if you have red lines then this is bad. If everything up to here is fine then we know it will be something simple. Read the first red line, everything after that is just logging guff.

Error: unknown-trading-partner means you have mistyped in the partner name in the AS2 ID field. Check it and then re-try. Remember no spaces all lowercase.

The others are fairly self-explanatory but you should post it on the forum for a detailed resolution.

GREEN Lines

Green lines are good. You just sent a file from the main system to the test system. If you move to the test computer and look at the folder for C:\mendelson\opensource\as2\messages you will find where the document has been sent. In this folder will be a folder for the main system as well as some others. Have a look around. Everything is logged and most things are sorted by date.

Try to do the same from the other machine.

That’s it – no more – all done

You are now ready for AS2 connections. Obviously use a better name than main system but keep the test system set up as is and just change the AS2 ID to whatever you choose for the main system in the test system partners screen.

HTTPS

Ok so AS2 isn’t good enough for you and you need SSL. HTTPS and SSL are basically the same thing; you need one for the other.

Since we have everything set up above, it is fairly easy to change to https.

Run AS2stop on both machines.

On the main system computer

Open the shortcut to C:\mendelson\opensource\as2 and open the folder to jetty and then to etc. In this folder you will find jetty-ssl.xml. Right click on this and left click on “open with” then click on “note pad”

NOTE : Do not cut and paste code from this page as it will not work, you must do it from your own system, using your files. I have had to change this so they display and if you paste them they will fail.

Don’t be scared it is pretty simple what we need to do. Find this part and copy it

< Configure id="Server" class="org.mortbay.jetty.Server">
< Call name="addConnector">
< Arg>
< New class="org.mortbay.jetty.security.SslSocketConnector">
< Set name="Port">8443< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="keystore">/etc/keystore< /Set>
< Set name="password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4< /Set>
< Set name="keyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g< /Set>
< Set name="truststore">/etc/keystore< /Set>
< Set name="trustPassword">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4< /Set>
< /New>
< /Arg>
< /Call>
< /Configure>

Then close notepad.

In the etc folder you will find jetty.xml. Right click on this and left click on “open with” then click on “note pad”

Scroll down about a page and a half and you will find this

< !-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
< !-- To add a HTTPS SSL listener -->
< !-- see jetty-ssl.xml to add an ssl connector. use -->
< !-- java -jar start.jar etc/jetty.xml etc/jetty-ssl.xml -->
< !-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->

paste the text here so it looks like this

< !-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
< !-- To add a HTTPS SSL listener -->
< !-- see jetty-ssl.xml to add an ssl connector. use -->
< !-- java -jar start.jar etc/jetty.xml etc/jetty-ssl.xml -->
< !-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->

< Configure id="Server" class="org.mortbay.jetty.Server">
< Call name="addConnector">
< Arg>
< New class="org.mortbay.jetty.security.SslSocketConnector">
< Set name="Port">8443< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="keystore">/etc/keystore< /Set>
< Set name="password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4< /Set>
< Set name="keyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g< /Set>
< Set name="truststore">/etc/keystore< /Set>
< Set name="trustPassword">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4< /Set>
< /New>
< /Arg>
< /Call>
< /Configure>

Now change it to this

< New class="org.mortbay.jetty.security.SslSocketConnector">
< Set name="Port">443< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="keystore">/etc/new-keystore.jks< /Set>
< Set name="password">test1< /Set>
< Set name="keyPassword">test2< /Set>
< /New>

YES – remove the 2 lines, change the port number to 443, change the passwords and change keystore to new-keystore.jks

Then close notepad and click on YES to save the document.

Move to the test system and do exactly the same thing - remove the 2 lines, change the passwords, change keystore to new-keystore.jks but change the port number to 8443.

Now just to clarify what this all does. An https server is a secure server. It works by allowing people who have your certificates access to it. Now I know that normal AS2 works on the same principle but https uses a different way of sending the files. Supposedly more secure. For me normal AS2 is fine but some partners insist on https so that is why I have had to do it and hence know how to set it up.

The new-keystore.jks is basically the same as the one we have already created but it can contain trusted certificates from your partners so they can interact with you and you with them via Https. Because it is a new file it can have a new password, one we can change to open the key store. Within the key store is a key pair which will also have a password, once again something we can change. This is why I have used test1 and test2 in the above. You can use a coding for the passwords like OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 but I couldn’t figure that out and just couldn’t be bothered. Since you can just use text it is easier to just do it and move on.

On the desktop on the main system you will find a folder called “portecle 1.4” open this folder. In the folder you will find “portecle.jar”, double left click on it. It will show you some keys for a few seconds and then the main screen.

On the main screen of portecle Click on FILE and then on NEW KEYSTORE.
Make sure JKS is selected and click on OK.

Click on TOOLS and then on GENERATE KEY PAIR.

Make sure RSA is selected and the size is 1024 and click on OK. In a second you will be shown a screen where you enter in your information.

Make sure it is SHA1withRSA and change the validity to 3000. You can also use MD2withRSA and this is used in the Verisign Version 3 certificate. However, we will stick with SHA1

In the next three lines type in “main system” (no quotes)

Then type in your suburb, state, country code (2 letters only) and your email address. Then click on OK. Enter in the alias of “main system-ssl” and click on OK and then type in the password of test2 into both fields and click on OK again.

We now need to create a certificate for our test server to use

Highlight the line for main system-ssl, right click on it, and left click on EXPORT. Select “certificate chain” and “PKCS #7” and click on OK. Save it to your desktop, change the name to “main system-ssl.cer”, and click on EXPORT. Click on OK when the successful window appears.

Close portecle and click on YES to save the key store. Type in the password of test1 for both fields and hit OK.
Use the list to save the key store to C:\mendelson\opensource\as2\jetty\etc and save it as new-keystore.jks

Is it all beginning to come together now?

Close the portecle 1.4 folder window.

Move “main system-ssl.cer” from the desktop of the main system to the desktop of the test system

On the desktop on the TEST system you will find a folder called “portecle 1.4” open this folder. In the folder you will find “portecle.jar”, double left click on it. It will show you some keys for a few seconds and then the main screen.

On the main screen of portecle Click on FILE and then on NEW KEYSTORE.
Make sure JKS is selected and click on OK.

Click on TOOLS and then on GENERATE KEY PAIR.

Make sure RSA is selected and the size is 1024 and click on OK. In a second you will be shown a screen where you enter in your information.

Make sure it is SHA1withRSA and change the validity to 3000. You can

In the next three lines type in “test system” (no quotes)

Then type in your suburb, state, country code (2 letters only) and your email address. Then click on OK. Enter in the alias of “test system-ssl” and click on OK and then type in the password of test2 into both fields and click on OK again.

We now need to create a certificate for our main server to use

Highlight the line for test system-ssl, right click on it, and left click on EXPORT. Select “certificate chain” and “PKCS #7” and click on OK. Save it to your desktop, change the name to “test system-ssl.cer”, and click on EXPORT. Click on OK when the successful window appears.

Now we can import the SSL certificate from the main system.

Click on TOOLS and then on IMPORT TRUSTED CERTIFICATE

Use the list to select your desktop and highlight the “main system-ssl.cer” and click on IMPORT. Then on OK, OK and YES.
Enter in the alias of main system-ssl and click on OK and then again on OK.

That is how you add the SSL certificate into your system when your partners send it to you. You can add multiple certificates, when they expire you just replace it with the new one.

Close portecle and click on YES to save the key store. Type in the password of test1 for both fields and hit OK.
Use the list to save the key store to C:\mendelson\opensource\as2\jetty\etc and save it as new-keystore.jks

Close the portecle 1.4 folder window.

Move “test system-ssl.cer” from the desktop of the test system to the desktop of the main system

On the desktop on the MAIN system you will find a folder called “portecle 1.4” open this folder. In the folder you will find “portecle.jar”, double left click on it. It will show you some keys for a few seconds and then the main screen.

On the main screen of portecle Click on FILE and then on OPEN KEYSTORE FILE.

Use the menu to move to C:\mendelson\opensource\as2\jetty\etc and you will see “new-keystore.jks”, highlight it and click on OPEN. It will ask you for the password, type in “test1” and press enter.

Click on TOOLS and then on IMPORT TRUSTED CERTIFICATE

Use the list to select your desktop, highlight the “test system-ssl.cer”, and click on IMPORT. Then on OK, OK and YES.
Enter in the alias of test system-ssl and click on OK and then again on OK.

Close portecle and click on YES to save the key store.
Close the portecle 1.4 folder window.

HTTPS – in mec

Run AS2 on the main system

Click on Partner
Click on main system
Click on the MDN tab
Change the MDN url to https://< your address >:443/as2/HttpReceiver and click on OK.

Click on Partner
Click on test system
Click on the Send tab
Change the receipt url to https://< your address >:8443/as2/HttpReceiver and click on OK.

Run AS2 on the test system

Click on Partner
Click on test system
Click on the MDN tab
Change the MDN url to https://< your address >:8443/as2/HttpReceiver and click on OK.

Click on Partner
Click on main system
Click on the Send tab
Change the receipt url to https://< your address >:443/as2/HttpReceiver and click on OK.

HTTPS – testing

Open internet explorer or your web browser program and type in this url

https://< your address >:443/as2/HttpReceiver

You will get a warning about a certificate so click on OK (it’s your certificate) and you will then get this display
mendelson opensource AS2 1.1 build 27

(c) 2000-2009 mendelson-e-commerce GmbH Berlin, Germany

You have performed an HTTP GET on this URL.
To submit an AS2 message, you must POST the message to this URL

If you don’t get the above then turn off your firewall and try again, check your router for the port forwarding and try again. If all else fails read the above again and check everything.

If you do get the above (which I expect you will have) then that is it, you have successfully set up the main system https ssl server.

Then do the same for the test system

https://< your address >:8443/as2/HttpReceiver

If you don’t get the above then turn off your firewall and try again, check your router for the port forwarding and try again. If all else fails read the above again and check everything.

If you do get the above (which I expect you will have) then that is it, you have successfully set up the test system https ssl server. You can also test the start page by changing HttpReceiver to start in the URL.

HTTP- sending a file

On the main system click on file and then on “send file to partner”. Select the receiver as “test system” and then use the folder icon to locate a file to send. Make it something small as you don’t want to be waiting too long.

Click on OK and in a few seconds click on OK again.

Within a few seconds there are a lot of green lines shown in the main Mendelson window.

RED LINES

Ok if you have red lines then this is bad. If everything up to here is fine then we know it will be something simple. Read the first red line, everything after that is just logging guff.

Error: unknown-trading-partner means you have mistyped in the partner name. Check it and then re-try. Remember no spaces all lowercase.

The others are fairly self-explanatory but you should post it on the forum for a detailed resolution.

GREEN Lines

Green lines are good, you just sent an SSL HTTPS file from the main system to the test system. If you move to the test computer and look at the folder for C:\mendelson\opensource\as2\messages you will find where the document has been sent. In this folder will be a folder for the main system as well as some others. Have a look around. Everything is logged and most things are sorted by date.

Done – finished – completed
You have a working HTTPS SSL server with an SSL certificate you can send to your partners.

WHAT DO I WANT

If you want to use this to create a new thread for Linux or MAC all good

If there is a mistake please post what it is

No rights at all - if Mendelson can use this then all good.

Please keep this thread windows only – I kept getting lost in the other threads about stuff I later figured out wasn’t windows at all.

WHAT DO I REALLY WANT

I want to know where I can change the password for the start page.
I cannot remember the link to the status page – I was sure there was one but now cannot find it.
Are there any other pages we can access?

Have fun. :)

PS I know as soon as I hit SUBMIT I will remember something I have missed.

Best regards

Damon Pillinger

heller
Joined: 2006-05-15

Damon,

thanks for this guide, I made it sticky.

To change the password of the web interface please modify the file jetty/etc/realm.properties, e.g. to

myuser: mypassword,monitor

Please do not change the rule ("monitor").

It is very important to change the default password for any installation because otherwise everybody could have a look at your transactions!

To change the access password of the encryption/signature keystore please open the server preferences in the as2 client (File-Preferences-[Tab] Security). You have to restart the as2 server afterwards.

Regards
Heller
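
An added example, not part of Heller's reply or of the mendelson code: a small Python audit of a realm.properties body in the "user: password,role" form shown above. The OBF:, MD5: and CRYPT: prefixes are the ones Jetty's realm file accepts; the sample file contents and the placeholder list are constructed for illustration.

```python
"""Audit a Jetty realm.properties body (format: user: password,role[,role...])."""

HASHED_PREFIXES = ("MD5:", "CRYPT:")   # one-way forms Jetty accepts
OBFUSCATED_PREFIX = "OBF:"             # reversible encoding, not a hash
REQUIRED_ROLE = "monitor"              # the role the reply says to leave alone

def audit_realm(text, placeholder_passwords=("mypassword",)):
    """Return (line_no, user, finding) tuples, in file order, for each problem."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue                    # blank line or properties comment
        user, sep, rest = line.partition(":")
        if not sep:
            findings.append((line_no, None, "unparsed entry"))
            continue
        user = user.strip()
        password, *roles = [field.strip() for field in rest.split(",")]
        if not password:
            findings.append((line_no, user, "empty password"))
        elif password in placeholder_passwords:
            findings.append((line_no, user, "placeholder password"))
        elif password.startswith(OBFUSCATED_PREFIX):
            findings.append((line_no, user, "obfuscated, not hashed"))
        elif not password.startswith(HASHED_PREFIXES):
            findings.append((line_no, user, "cleartext password"))
        if REQUIRED_ROLE not in roles:
            findings.append((line_no, user, "missing monitor role"))
    return findings

# Constructed sample file contents (not taken from a real installation).
SAMPLE = """\
# web interface users
myuser: mypassword,monitor
ops: MD5:0123456789abcdef0123456789abcdef,monitor
night: Tr4nsfer-desk,monitor
temp: OBF:1abc2def,admin
"""

if __name__ == "__main__":
    for line_no, user, finding in audit_realm(SAMPLE):
        print(f"line {line_no}: {user}: {finding}")
```

A cleartext or OBF: entry still works as a login; the findings only show which accounts rely on file permissions alone to keep the password private.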

damon
Joined: 2008-10-07

Hi Heller,

cool
Is there any way you can edit my post to include your reply in the appropriate places?

Is the status page a simple thing of putting an xml file into jetty somewhere?

Didn't try to change the keystore password as I asked about this before and it was locked, I should have checked before posting.

Thanks

Damon

damon
Joined: 2008-10-07

if you receive a red line for SSLHandshakeException

this means that you (the sender) do not have the SSL certificate for the receiver.

You should contact the receiver and obtain their SSL certificate. It may have just expired.

You add the certificate to the keystore located in /jetty/etc/ then save the information and reboot your mendelson and send again.

Damon

damon
Joined: 2008-10-07

if you receive the red line for processed/error: unknown-trading-partner

this means that your partner does not have your AS2 ID correct on their set up

You should contact your partner and get them to check it is correct - it is case sensitive so testserver is not the same as TestServer.

Damon

damon
Joined: 2008-10-07

If you receive the red line for processed/error: unknown-trading-partner

and down the page you get the red line for

The partner configuration defines MDN from the partner "< server AS2 ID >" to be signed.

then this means you have the incorrect AS2 ID for your partner in your configuration.

Check your entry for the partner's AS2 ID in the partners window. It is case sensitive, look for double spaces as well.

Damon

damon
Joined: 2008-10-07

if you get the red line for processed/error: insufficient-message-security

this means that you are sending a file which has a different encryption setup to the settings your partner has for you.

I.e. you have no encryption and they have 3DES for you.
If this was the case contact your partner and get them to change the encryption to "no encryption" and try again. Alternatively, you could change your encryption to what they are using, i.e. 3DES, but you will need to ask them what it is set for OR just try them all until one goes through.

Damon

damon
Joined: 2008-10-07

if you get a red line for Transmission failed, remote AS2 server reports "Not Found"

this means the Receipt URL you are sending to is incorrect.

NOTE
/as2/Httpreceiver is not the same as /as2/HttpReceiver

check your spelling (twice), if it is correct use internet explorer to test it and then try different combinations. If all else fails contact your partner and get them to send you a link to their receiver page, test it in explorer and then paste it into the Receipt URL field for your partner.

Damon

damon
Joined: 2008-10-07

if you get the red line for Wait time for MDN expired

this means you have requested an ASYNC MDN and your partner has you set up to do SYNC MDN.

You will have waited about 5 minutes for this message to appear as well.

Contact your partner and request they change it to ASYNC or you could change your setup to send a SYNC MDN in the partner window under the MDN tab select Request SYNC MDN.

Damon

damon
Joined: 2008-10-07

if you get the red line for Transmission failed, remote AS2 server reports "Internal Resource Error".

This means that your partner is experiencing technical difficulties.

You should contact them and ask they reboot their system. If this does not fix the problem ask their IT department to look into the problem.

It is more than likely a problem on their side.

Damon

heller
Joined: 2006-05-15

damon,

It's also possible to set the wait time for the MDN in the mendelson opensource AS2 server settings. It defaults to 30 mins.

The status page of the server could not be accessed by a simple HTML call atm. We didn't expect this requirement to be honest, I will add it to the tracker for the next release.

To the keystore pass: You cannot change the keystore pass itself in our software but change the password used from mendelson opensource AS2 to access the keystore. This was a misunderstanding I think.

Regards
Heller

damon
Joined: 2008-10-07

Hi Heller,

cool - thanks
Damon

damon
Joined: 2008-10-07

If you get a red line for The received sync MDN seems not to be in right format. Missing header value "as2-to".

This means that your partner does not have your correct AS2 ID on their system. Remember to check that they have the correct case and check for spaces.

Mendelson is not the same as mendelson or MENDELSON

If possible email them the exact ID so they can cut and paste.
I have found that excluding spaces usually makes it a lot better and stick to either all upper or all lower case.

I.e. mendelsonas2server4 you can read to them as mendelson as2 server 4

Damon
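
An added example, not part of Damon's posts or of the mendelson software: a Python helper that explains why two AS2 IDs fail an exact comparison (the unknown-trading-partner and missing "as2-to" posts) and checks a receipt URL path against /as2/HttpReceiver (the "Not Found" post). The function names are hypothetical; the inputs reuse identifiers and the www.acme.com host quoted in the thread.

```python
import re
from urllib.parse import urlsplit

RECEIVER_PATH = "/as2/HttpReceiver"   # exact spelling used throughout the guide

# Normalisations that hide the differences the posts above warn about.
STEPS = (
    ("surrounding whitespace", str.strip),
    ("repeated spaces", lambda s: re.sub(r" {2,}", " ", s)),
    ("letter case", str.lower),
)

def _normalise(value, skip=None):
    """Apply every normalisation step except the one named in skip."""
    for name, step in STEPS:
        if name != skip:
            value = step(value)
    return value

def explain_id_mismatch(configured, received):
    """Say why two AS2 IDs fail an exact, case-sensitive comparison."""
    if configured == received:
        return []
    if _normalise(configured) != _normalise(received):
        return ["different identifier"]
    # A step is a cause if leaving it out keeps the two values apart.
    return [name for name, _ in STEPS
            if _normalise(configured, name) != _normalise(received, name)]

def explain_receipt_url(url):
    """Check the path of a receipt or MDN URL against the receiver path."""
    path = urlsplit(url).path
    if path == RECEIVER_PATH:
        return []
    if path.lower() == RECEIVER_PATH.lower():
        return [f"path case differs: {path} should be {RECEIVER_PATH}"]
    return [f"unexpected path: {path or '/'}"]

if __name__ == "__main__":
    # Constructed inputs built from values quoted in the thread.
    print(explain_id_mismatch("TestServer", "testserver "))
    print(explain_receipt_url("https://www.acme.com:443/as2/Httpreceiver"))
```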

damon
Joined: 2008-10-07

OK this one was a bit tricky. Firstly has it just happened all of a sudden?
If it has and you think it is your problem and not your partner's then do this.

Turn off your firewall on that machine
Try again.

I found Zone Alarm has taken a disliking to MEC after running happily for 2 weeks.

Worked it out by using IE to look for the start page on the local machine - which it found
Looking from a remote machine within the network for the IP address i.e. 192.168.0.27:443/as2/start - which it found
Looking for the WWW address which it didn't find i.e. www.acme.com:443/as2/start

Therefore it was a connection from the outside world problem not a local network problem. Hence Firewall.

Thanks
Damon

damon
Joined: 2008-10-07

This can be a few things but the one I found to be the problem was after a re-install.

Check the keystore and password for https are correct in
Preferences/security panel

If you have done a re-install these fields do not change even though you have pasted the entire folder from the old system to the new system.

Thanks
Damon

damon
Joined: 2008-10-07

If you just want to check that the AS2 server is all OK, point your browser to

http://address:port/as2/ServerState

Once again /as2/ServerState isn't the same as /as2/serverstate or /as2/Serverstate
It is case sensitive.

Thanks
Damon

TobiasW
Joined: 2010-03-15

1 comment to setting up SSL:

damon wrote:

paste the text here so it looks like this
.
< !-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
< !-- To add a HTTPS SSL listener -->
< !-- see jetty-ssl.xml to add an ssl connector. use -->
< !-- java -jar start.jar etc/jetty.xml etc/jetty-ssl.xml -->
< !-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
.
< Configure id="Server" class="org.mortbay.jetty.Server">
< Call name="addConnector">
< Arg>
< New class="org.mortbay.jetty.security.SslSocketConnector">
< Set name="Port">8443< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="keystore">/etc/keystore< /Set>
< Set name="password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4< /Set>
< Set name="keyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g< /Set>
< Set name="truststore">/etc/keystore< /Set>
< Set name="trustPassword">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4< /Set>
< /New>
< /Arg>
< /Call>
< /Configure>
.
Now change it to this
.
< New class="org.mortbay.jetty.security.SslSocketConnector">
< Set name="Port">443< /Set>
< Set name="maxIdleTime">30000< /Set>
< Set name="keystore">/etc/new-keystore.jks< /Set>
< Set name="password">test1< /Set>
< Set name="keyPassword">test2< /Set>
< /New>
.
YES – remove the 2 lines, change the port number to 443, change the passwords and change keystore to new-keystore.jks

Actually, the opening < Configure ... > and closing < /Configure> should not be copied. < call> and < arg> need to be kept, though (it's a little confusing). Then it works like a charm.

Greetings, Tobias
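
An added example, not part of Tobias's comment or of the mendelson or Jetty code: a Python check of a jetty.xml body for the two paste mistakes described above (a second Configure wrapper, or a connector left outside Call/Arg) and for passwords left at values printed in this thread. The sample XML is constructed and written as well-formed markup, without the "< " spacing the guide uses for display.

```python
import xml.etree.ElementTree as ET

SSL_CLASS = "org.mortbay.jetty.security.SslSocketConnector"
SECRET_FIELDS = ("password", "keyPassword", "trustPassword")
# Values printed in this thread: the guide's samples and the OBF strings it quotes.
PUBLISHED = {"test1", "test2", "OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4",
             "OBF:1u2u1wml1z7s1z7a1wnl1u2g"}

def check_jetty_ssl(xml_text):
    """Return findings for the SSL connector block of a jetty.xml body."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    findings = []
    if any(e.tag == "Configure" for e in root.iter() if e is not root):
        findings.append("nested <Configure>")
    connectors = [e for e in root.iter("New") if e.get("class") == SSL_CLASS]
    if not connectors:
        findings.append("no SslSocketConnector")
    for new in connectors:
        arg = parent.get(new)
        call = parent.get(arg) if arg is not None else None
        if not (arg is not None and arg.tag == "Arg" and call is not None
                and call.tag == "Call" and call.get("name") == "addConnector"):
            findings.append("connector outside <Call name='addConnector'><Arg>")
        for setter in new.findall("Set"):
            name, value = setter.get("name"), (setter.text or "").strip()
            if name not in SECRET_FIELDS:
                continue
            if value in PUBLISHED:
                findings.append(f"{name}: value published in the guide")
            elif not value.startswith("OBF:"):   # OBF: is reversible obfuscation
                findings.append(f"{name}: clear text")
    return findings

# Constructed building blocks for sample files.
ROOT = '<Configure id="Server" class="org.mortbay.jetty.Server">{}</Configure>'
WRAP = '<Call name="addConnector"><Arg>{}</Arg></Call>'
CONNECTOR = """<New class="org.mortbay.jetty.security.SslSocketConnector">
<Set name="Port">443</Set><Set name="keystore">/etc/new-keystore.jks</Set>
<Set name="password">{pw}</Set><Set name="keyPassword">{kpw}</Set></New>"""

if __name__ == "__main__":
    as_guide = ROOT.format(WRAP.format(CONNECTOR.format(pw="test1", kpw="test2")))
    print(check_jetty_ssl(as_guide))
    bare = CONNECTOR.format(pw="OBF:constructed", kpw="OBF:constructed")
    print(check_jetty_ssl(ROOT.format(bare)))
```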

