Sunday, December 8, 2024

Setting up AS3 (Applicability Statement 3)

Setting up AS3 (Applicability Statement 3) involves configuring both the sending and receiving partners to exchange EDI documents securely over the internet using FTP (File Transfer Protocol) or secure variants like FTPS (FTP Secure) or SFTP (SSH File Transfer Protocol). Here's a step-by-step guide to setting up AS3:


 Prerequisites

- AS3-compatible software installed on both the sender and receiver sides.

- Public and private key pairs for both parties.

- FTP, FTPS, or SFTP server configured and accessible by both parties.


 Step-by-Step AS3 Setup


==>> 1. Configure the FTP Server


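Both the sender and receiver must have access to an FTP, FTPS, or SFTP server. AS3 signing and encryption protect the message itself, but plain FTP still sends the login credentials and commands in cleartext, so prefer FTPS or SFTP where both partners support it.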


1. FTP Server Setup:

   - Ensure the FTP server is properly configured with the correct settings (address, port, user credentials).

   - Test FTP, FTPS, or SFTP access outside of the AS3 environment to confirm that the server is functioning correctly.


==>> 2. Generate and Exchange Certificates


1. Generate Certificates:

   - Generate a public and private key pair for both the sender and receiver.

   - Use a tool like OpenSSL or the certificate generation feature in your AS3 software.


2. Exchange Certificates:

   - Exchange the public keys (certificates) between the sender and receiver.

   - Import the receiver’s public key into the sender’s AS3 software and vice versa.
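One way to carry out the generate-and-exchange step with OpenSSL, as an added example that is not from the original post or from any AS3 product. The partner names, file names, validity periods and the 30-day renewal window are assumptions; the expiry helper also serves the certificate tracking described under "Monitor and Maintain".

```shell
#!/bin/sh
# Added example: all names and values below are constructed for illustration.
set -eu

new_as3_identity() {   # $1 = partner name, $2 = validity in days
    # umask 077 keeps the private key unreadable to other users;
    # only the .crt file is ever sent to the trading partner.
    ( umask 077; openssl req -x509 -newkey rsa:2048 -nodes -days "$2" \
        -subj "/CN=$1" -keyout "$1.key" -out "$1.crt" 2>/dev/null )
}

cert_fingerprint() {   # SHA-256 fingerprint of certificate $1, to confirm with the
    # partner over a second channel (phone, signed mail) before importing it
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

key_matches_cert() {   # true when private key $1 belongs to certificate $2
    [ "$(openssl pkey -in "$1" -pubout)" = "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

expires_within() {     # true when certificate $1 expires within $2 days
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

work=$(mktemp -d) && cd "$work"
new_as3_identity sender-example 365
new_as3_identity short-lived-example 10

echo "Send sender-example.crt, then confirm this fingerprint with the partner:"
cert_fingerprint sender-example.crt

if key_matches_cert sender-example.key sender-example.crt; then
    echo "sender-example.key matches sender-example.crt"
fi

for crt in ./*.crt; do
    if expires_within "$crt" 30; then
        echo "RENEW SOON: $crt ($(openssl x509 -in "$crt" -noout -enddate))"
    fi
done
```

Comparing the fingerprint on both sides before import is what ties the exchanged file to the partner; the certificate alone proves nothing about who sent it.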


==>> 3. Configure AS3 Software


==>> Sender Configuration


1. Create a New AS3 Partner:

   - Open your AS3 software and navigate to the section where you can manage trading partners.

   - Create a new partner profile for the receiving partner.


2. Configure Partner Details:

   - Enter the receiver’s FTP server details (FTP address, port, username, password).

   - Attach the receiver’s public key to encrypt the outgoing messages.


3. Set Up Signing:

   - Attach your own private key to sign the messages.

   - Specify the signing algorithm (e.g., SHA-256).


4. Define FTP Transfer Settings:

   - Enter details such as directory paths, transfer modes (binary or ASCII), and any additional settings required by your FTP server.


==>> Receiver Configuration


1. Create a New AS3 Partner:

   - Open your AS3 software and navigate to the section where you can manage trading partners.

   - Create a new partner profile for the sending partner.


2. Configure Partner Details:

   - Enter the sender’s FTP server details (FTP address, port, username, password).

   - Attach the sender’s public key to verify incoming signed messages.


3. Set Up Decryption:

   - Attach your own private key to decrypt incoming messages.

   - Specify the decryption algorithm.


4. Define FTP Transfer Settings:

   - Enter details such as directory paths, transfer modes (binary or ASCII), and any additional settings required by your FTP server.


==>> 4. Test the Configuration


1. Send a Test Message:

   - Create a test EDI message and send it from the sender to the receiver using the AS3 software.

   - Check the sender’s logs for any errors during the sending process.


2. Receive and Process the Message:

   - On the receiver’s side, check the FTP directory to ensure the message was received.

   - Verify that the AS3 software has successfully decrypted and processed the message.

   - Check the receiver’s logs for any errors during the receiving process.


3. Generate and Send MDN (Message Disposition Notification):

   - The receiver’s AS3 software should automatically generate an MDN.

   - Verify that the MDN is sent back to the sender via the FTP server.

   - On the sender’s side, confirm receipt of the MDN and ensure it indicates successful processing.


==>> 5. Monitor and Maintain


1. Regular Monitoring:

   - Regularly monitor the AS3 software logs for any errors or issues.

   - Ensure that the FTP server is consistently accessible and functioning without interruption.


2. Certificate Management:

   - Keep track of certificate expiration dates.

   - Renew and exchange certificates before they expire to avoid disruptions.


3. Security Updates:

   - Keep the AS3 software and FTP server software up to date with the latest security patches and updates.


By following these steps, you can set up and configure AS3 for secure EDI document exchange over FTP, FTPS, or SFTP. The key components involve configuring the FTP server, generating and exchanging certificates, configuring the AS3 software for both sending and receiving partners, and thoroughly testing the setup to ensure reliable communication.

How AS3 works in EDI step by step

AS3 (Applicability Statement 3) is a standard for securely transmitting EDI (Electronic Data Interchange) documents over the internet using FTP (File Transfer Protocol) or its secure variants like FTPS (FTP Secure) or SFTP (SSH File Transfer Protocol). Here’s a step-by-step overview of how AS3 works in EDI:


 Step-by-Step AS3 Process


==>> 1. Document Preparation


1. EDI Document Creation:

   - The sender's system generates an EDI document that needs to be transmitted to the receiver.


==>> 2. Document Encryption and Signing


1. Digital Signature:

   - The sender’s AS3 software digitally signs the EDI document using the sender’s private key. This ensures the authenticity and integrity of the document.


2. Encryption:

   - The signed document is then encrypted using the receiver’s public key. This ensures that only the intended receiver can decrypt and read the document.


==>> 3. Document Packaging


1. MIME Packaging:

   - The encrypted and signed EDI document is packaged into a MIME (Multipurpose Internet Mail Extensions) format. This is similar to how files are attached to an email.


2. AS3 Headers:

   - The AS3 software adds necessary AS3 headers to the MIME package to facilitate AS3 processing. These headers include information about the sender, receiver, and the security algorithms used.


==>> 4. File Transfer


1. FTP Connection:

   - The sender’s AS3 software establishes a connection to the receiver’s FTP, FTPS, or SFTP server.


2. Send Document:

   - The MIME-packaged document is uploaded to the receiver’s FTP server.


==>> 5. Document Reception


1. Receive Document:

   - The receiver’s AS3 software detects and downloads the AS3 file from the FTP server.


2. Document Storage:

   - The downloaded document is stored in a predefined directory on the receiver’s system.


==>> 6. Document Decryption and Verification


1. Decryption:

   - The receiver’s AS3 software decrypts the received file using the receiver’s private key. This process extracts the signed EDI document.


2. Signature Verification:

   - The AS3 software verifies the digital signature using the sender’s public key. This ensures that the document was indeed sent by the sender and has not been tampered with.


==>> 7. EDI Document Processing


1. Extract EDI Document:

   - The verified and decrypted EDI document is extracted from the MIME package.


2. EDI Processing:

   - The receiver’s system processes the EDI document as per the business requirements.


==>> 8. Message Disposition Notification (MDN)


1. Generate MDN:

   - After processing the EDI document, the receiver’s AS3 software generates a Message Disposition Notification (MDN). The MDN indicates the status of the received message (success or failure) and includes the Message Integrity Check (MIC) value computed over the received content.


2. Sign and Encrypt MDN:

   - The MDN is digitally signed by the receiver using the receiver’s private key and encrypted using the sender’s public key.


3. Send MDN:

   - The signed and encrypted MDN is uploaded to the sender’s FTP server using the configured FTP connection.


==>> 9. MDN Reception and Verification


1. Receive MDN:

   - The sender’s AS3 software detects and downloads the MDN from the FTP server.


2. Decrypt MDN:

   - The sender’s AS3 software decrypts the MDN using the sender’s private key.


3. Verify MDN:

   - The digital signature on the MDN is verified using the receiver’s public key. This confirms the authenticity of the MDN.


4. Check MIC:

   - The sender’s AS3 software compares the MIC value in the MDN with the original MIC value of the sent EDI document. If they match, it confirms that the document was received and processed successfully without alterations.
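The sign, encrypt, decrypt, verify and MIC-comparison steps above, run end to end with OpenSSL's S/MIME commands as an added example (not the original author's code or any AS3 product's implementation). Partner names, file names and the EDI payload are constructed; the FTP upload and MDN packaging are left out, and the MIC is taken over the raw payload file as an assumption of this example.

```shell
#!/bin/sh
# Added example. Partner names, file names and the EDI payload are constructed.
set -eu

make_partner() {   # $1 = name; writes $1.key (private key) and $1.crt (self-signed cert)
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
        -subj "/CN=$1-as3-example" -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

mic() {            # base64 SHA-256 digest of file $1, the value compared in "Check MIC"
    openssl dgst -sha256 -binary "$1" | openssl base64
}

as3_send() {       # $1 = payload, $2 = output file
    # Sign with the sender's private key; -binary keeps the EDI bytes untouched.
    openssl smime -sign -binary -nodetach -md sha256 \
        -signer sender.crt -inkey sender.key -in "$1" -out signed.tmp
    # Encrypt the signed message to the receiver's certificate.
    openssl smime -encrypt -binary -aes256 -in signed.tmp -out "$2" receiver.crt
    rm -f signed.tmp
}

as3_receive() {    # $1 = received file, $2 = recovered payload, $3 = cert trusted as sender
    # Decrypt with the receiver's private key.
    openssl smime -decrypt -recip receiver.crt -inkey receiver.key \
        -in "$1" -out decrypted.tmp 2>/dev/null || return 1
    # Accept only a signature made by the imported partner certificate ($3);
    # -nointern ignores any certificate carried inside the message.
    openssl smime -verify -nointern -certfile "$3" -CAfile "$3" \
        -in decrypted.tmp -out "$2" 2>/dev/null
}

work=$(mktemp -d) && cd "$work"
make_partner sender
make_partner receiver
printf 'ST*850*0001~\nBEG*00*SA*PO-1001**20241208~\nSE*3*0001~\n' > order.edi

sent_mic=$(mic order.edi)                      # sender records this before upload
as3_send order.edi order.as3                   # order.as3 is what goes to the FTP server
as3_receive order.as3 recovered.edi sender.crt
returned_mic=$(mic recovered.edi)              # receiver would return this in the MDN

if [ "$sent_mic" = "$returned_mic" ]; then
    echo "MIC match: $returned_mic"
else
    echo "MIC mismatch" >&2
fi
```

Passing any certificate other than the imported sender certificate as the third argument of `as3_receive` makes verification fail, which is the behaviour the receiver relies on to reject messages from an unknown signer.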


 Summary


The AS3 process involves multiple steps to ensure secure and reliable transmission of EDI documents over the internet using FTP, FTPS, or SFTP. It includes signing, encrypting, packaging, sending, receiving, decrypting, verifying, and acknowledging the EDI documents, ensuring the integrity and authenticity of the data exchanged between trading partners.
