In this tutorial, we walk you through the basic steps of how to set up and configure an AS2 server.
AS2 uses public keys and private keys to encrypt/decrypt file transfers, strengthening security around sensitive documents and information. While AS1 relied on SMTP, AS2 uses S/MIME and HTTP/S to move data between IP addresses. With AS2, security, authentication, message integrity and privacy are ensured with encryption, digital certificates and nonrepudiation techniques.
Below are the initial steps that will eventually allow you to carry out EDI transactions with an increasing number of trading partners already using this popular B2B file transfer protocol.
Watch The Video
Would you prefer to watch a video version of this tutorial instead? You can play the video below. Otherwise, just skip it if you wish to continue reading.
The steps you're about to follow will be done on JSCAPE MFT Server, a managed file transfer server that, in addition to AS2, also supports several other file transfer protocols like FTP/S, HTTP/S, OFTP, AFTP, SFTP and others. JSCAPE MFT Server already comes with a powerful automation feature called Triggers, which enables admins to automate a variety of business processes, making it the perfect solution for transferring EDI data and payloads in near real-time.
You may download a free, fully functional evaluation edition of JSCAPE MFT Server here:
Creating A User
All inbound AS2 transfers need to be associated with an existing user account. This will enable JSCAPE MFT Server to determine where to store incoming files sent via AS2. For authenticated transfers, all uploaded files will be sent to the user account specified by the AS2 sender. And for unauthenticated transfers, i.e. transfers wherein the AS2 sender didn't specify a user account, all uploaded files will be sent to the default user account specified in Settings > Web > AS2. We'll show you that in a short while.
What's important to note at this point is that, regardless how an AS2 sender connects, an existing user account will be required. So, the first thing we need to do is to create a user account.
Once you're logged into the JSCAPE MFT Server Manager, go to Domains, select a domain where you want to create a user account, and then click the Edit button.
Next, go to the Users module and click the Add button.
After that, choose a template. Let's just choose the Default template for now. And then click OK.
Fill up the relevant fields, like the Name, Login name, password, and so on, and then click OK when you're done.
You should then see your newly created user in the Users panel.
Setting Up HTTP/S
AS2 runs over HTTP or HTTPS so you can transfer documents to any trading partner with internet connectivity. Before you start configuring any AS2 settings, you'll need to have an HTTP or HTTPS service up and running on your server. To enable HTTP or HTTPS, go to Settings > Web > Web and then tick HTTP on host and/or HTTPS on host. Let's just click HTTPS on host here. After that, click the Apply button at the lower-right corner of that screen.
Once you have your HTTP/S all powered up, you can then begin enabling AS2.
Assuming HTTP/S is already up, the first thing you've got to do is enable AS2 on the server. In the JSCAPE MFT Server Manager main screen, go to Settings > Web > AS2 and then tick the checkbox labeled Enable AS2.
We just want a very basic AS2 set up for now, just enough to get us started. So, just skip the other settings and scroll down directly to the checkbox labeled "Bind unauthenticated transfers to domain." Tick that check box as well. After that, select the domain (host name) that contains the AS2 user account you created earlier, as well as the username of that user account.
All files/EDI messages received from other AS2 servers will be automatically saved into a folder under this particular user account, regardless of content type. In this example.
Next, we need to specify the folder where AS2 messages received from other AS2 servers will be stored. Enter the path of that folder in the Upload directory field or just leave that as is. Note that this is a relative path that will be located under the bound user account's root directory. This doesn't have to be an existing folder. JSCAPE MFT Server will automatically create the folder for you.
As soon as you're done, navigate to the bottom-right corner of that screen and click the Apply button.
After the page reloads, you should be back at the main screen. Click the Domains menu and then double-click the domain you specified earlier. In our example, that would be "mftserver1".
Once inside the domain, go to the Services menu and then click the Add button.
Select AS2 from the drop-down list and then click OK.
When the next screen pops up, click OK again.
You should then see it has added AS2 to the Services tab.
You have just configured all the basic settings needed for receiving AS2 messages. Because there will be times when you'll need your MFT Server instance to send AS2 messages to your trading partners, we now proceed to discuss the settings for sending outbound AS2 messages.
Configuring Trading Partner Settings For Sending AS2 Messages
In JSCAPE MFT Server, AS2 messages are sent via what are known as Trading Partners. Trading Partners are special objects in the JSCAPE MFT Server environment that encapsulate all the necessary information needed for a partner. If you want to learn more about trading partners, here are a couple of introductory videos and articles.
Let's now start setting up our AS2 trading partner. In a production environment, you'll likely have multiple AS2 Trading Partners, with each Trading Partner pointing to a distinct company whom you transact with.
In the same domain where you added the AS2 service, navigate to the Trading Partners module and then click the Add button.
Select the AS2 protocol from the drop-down list and then click OK.
When the AS2 Trading Partner dialog box appears, enter the necessary information. This would include:
- Your desired name for this trading partner (e.g. 'tp2as2')
- The URL of your trading partner's AS2 service (e.g. https://172.31.36.51:443/as2/incoming). Ask your trading partner for this piece of information .
- The From ID - This can be any alpha-numeric value (no spaces) that uniquely identifies the AS2 ID where this message is coming from.
- The To ID - Like the From ID, this identifier can be any alpha-numeric value (no spaces) that uniquely identifies where the AS2 message is being sent to.
Note: The value of this To ID field should be equal to the incoming AS2-From header for the incoming AS2 message. So, if you're trying this out using two JSCAPE MFT Server instances, make sure the To ID in the AS2 trading partner of the first instance matches the From ID in the AS2 trading partner of the second instance and vice versa.
As you're still testing this out, there's one setting you will want to temporarily disable. Please disable the Receipt signature required setting. We won't be discussing synchronous/asynchronous MDNs yet, so enabling that will just cause an error.
In a production environment, you will of course need to enter several other pieces of information and a bunch of other settings than what we've configured here. However, this is the bare minimum you need to start exchanging AS2 messages within a test system, so this will suffice for now.
After clicking OK, you should see your newly created AS2 Trading Partner in your list of Trading Partners.
Now that you've configured your server to send AS2 messages to a trading partner, you might want to try sending messages now.
Sending AS2 Messages Manually
JSCAPE MFT Server has a built-in feature that allows you to manually manage AS2 messaging. Let's try it out. Navigate to the AS2 Messages menu and then click the Send File button.
Select the Trading Partner you created earlier and then browse to a file you want to upload. After selecting the file click OK.
After a few seconds, you should see two new records on your AS2 Messages list. One for the outgoing AS2 transmission and another one for its corresponding AS2 message disposition notification (MDN) receipt.
Let's zoom in on that a bit to see the details. So, you can see which one is outgoing and incoming, the corresponding message IDs, the filename of the uploaded file, and so on.
Of course, while it's possible to send EDI messages manually, it's not the ideal way. In order to take full advantage of EDI, EDI messages must be sent automatically. We're going to show you how to do that in our next post, so stay tuned for it.
In the meantime, why don't you try this out yourself? Download the free, fully-functional Starter Edition of JSCAPE MFT Server now.
Ready To See How We Make Managed File Transfers Easy?
Schedule a demo to watch our experts run jobs that match your use cases in JSCAPE. Get your questions answered and learn how easy it is to automate and manage all of your file transfers in JSCAPE.