on 01-15-2013 1:20 PM
Hi,
we are working on one of interfac with BANK where we are using AS2 adapter...now they have come with the idea of using X.509 encryption and they wanted to check if that supports AS2 or not..we are using PI 7.1..can someone please help me in configuring X.509 encryption for As2 adapter and its pre requisites and any limitations wiht PI 7.1 if any..
will PI 7.1 supports X/.509 encryption?
please advise.
Hi Smith,
X.509 is a standard that is currenly used by most applications that use the Public-Key-Infrastructure.
If you create a Private-Key in the NWA-Keystore, the certificate that can be exported from this key will be in X.509 Standard.
Also, if you need to encrypt, the Bank will most likely also provide you a certificate in X.509-Standard.
Actually, XI/PI expect that you use X.509 certificates, so this is all standard.
Also, the Seeburger AS2-Adapter is working perfectly fine if you encrypt with a X.509 certificate.
So there is no special prerequisite for using X,509...
For using it in AS2, you need to do the main steps according the configuration.
- create a view in NWA-KeyStore
- import the certificate to the view
- create a user in PI that has the authorization "view-creater" for this view
Then you can use this certificate in the Receiver-Agreement when you send out the files to the Bank and select the button "encrypt" in the Channel.
Regards
Stefan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stefan,
thanks for your reply.
when i looked into our current set up...this is what i got.
which gives two versions, one in PLCS#8 RSA and there is another version below certificate which is ver3. X.509..
Do you know what does this indicates?
If i need to add X.509 encryption..do i need to do the following? please advise.
1. Create a new Private key for X.509 and upload the certificates into it...which certificate i need to upload?
2. we also get the certificates from client(BANK)..do we need to import this into separate location if it's X.509 or same as other certificates.
please advise
Hi,
that looks like a perfect "KeyPair"...so your private key is in PKCS#8-version/format and the corresponding public certificate is stored in X.509 version.
If you receive the certificate from the Bank you can import it in any keystore-view you like (on the NWA KeyStore)...you just have to make sure that the correct Authorization is provided to the used "adapter-user" ...as specified in the initial post,
Regards
Stefan
User | Count |
---|---|
86 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.