SAP CPI -Setting up AS2 Receiver Adapter with Partner certificate dynamically from Partner Directory

SAP CPI -Setting up AS2 Receiver Adapter with Partner certificate dynamically from Partner Directory
Estimated read time 7 min read

SAP Integration Suite provides out of the box B2B Integration via Trading Partner Management V2 package. This blog post covers setting the AS2 receiver adapter parameters from Partner directory.

In this case you can use single connector for sending the EDI/Non EDI messages to Trading Partners. I am using Mendelson AS2 to showcase the setup needed for same.

https://mendelson-e-c.com/as2_testserver

If you would like to test your AS2 server against the mendelson AS2 test server please use the following settings before sending messages:

MDN: syncURL: http://testas2.mendelson-e-c.com:8080/as2/HttpReceiverSignature: Necessary, SHA-1 or SHA-2 or SHA-3 or any otherEncryption: Necessary, 3DES or any otherSender AS2 id (your id): mycompanyAS2Sender key (your key): (format pkcs#12, keystore pass “test”): Key3Receiver AS2 id (test servers id): mendelsontestAS2Receiver certificate (test servers certificate): (format PEM): Key4

You can use this setup if you want to send the custom filename and want to do on-premise archiving. (Currently this feature is not supported by Trading Partner V2 package as you can’t send your message to 2 receivers).

Prerequisites : We need below keys for AS2 setup:

Own Private Key – This key will be used for signing the outbound messages. This key/pair can be generated in SAP CPI or we can use sap_cloudintegrationcertificate. In this scenario we are going to import Key3.Partner/Mendelson Key: This certificate will be used to encrypt the partner message. In real time it will be shared by Trading Partner. Key4 will be used to encrypt the outbound message.

 

Below partner ID will be created in SAP CPI/IS monitoring. I prefer using AS2 ID as it is easy to remember but you can use any unique identifier or text to identify your PID uniquely.mycompanyAS2:

 

mendelsontestAS2: 

 

We can use below script to read the directory parameters and set them as property which we can be used in receiver adapter channel.

Note: You can add more String Parameters in Partner Directory. These partner Directory ID can be created based on AS2 ID or based on receiver ID identifier in EDI file to identify the partner uniquely.

Groovy Script to read the details of Sender ( Own Company) and Receiver (Mendelson/Trading Partner)

import com.sap.gateway.ip.core.customdev.util.Message;

import com.sap.it.api.pd.PartnerDirectoryService;

import com.sap.it.api.ITApiFactory;

/* Author – Rahul Yadav

*/

def Message processData(Message message) {

def service = ITApiFactory.getApi(PartnerDirectoryService.class, null);

if (service == null) {

throw new IllegalStateException(“Partner Directory Service not found”);

}

def map = message.getProperties();

// RECEIVER_ADDRESS determination based on Trading Partner

def receiverId = map.get(“RECEIVER_ID”);

def senderId = map.get(“SENDER_ID”);

if (receiverId == null) {

throw new IllegalStateException(“Receiver ID is not set in the property ‘RECEIVER_ID'”)

}

if (senderId == null) {

throw new IllegalStateException(“Sender ID is not set in the property ‘SENDER_ID'”)

}

def as2URL = service.getParameter(“AS2URL”, receiverId, String.class);

if (as2URL == null) {

throw new IllegalStateException(“AS2URL parameter not found in the Partner Directory for the partner ID ” + receiverId);

}

def partnerPublicKey = service.getParameter(“SAP_AS2_Outbound_Public_Key_Alias”, receiverId, String.class);

if (partnerPublicKey == null) {

throw new IllegalStateException(“Partner Key parameter not found in the Partner Directory for the partner ID ” + receiverId);

}

def ownSignKey = service.getParameter(“OwnPrivateKey”, senderId, String.class);

if (ownSignKey == null) {

throw new IllegalStateException(“Partner Key parameter not found in the Partner Directory for the partner ID ” + senderId);

}

message.setProperty(“AS2URL”, as2URL);

message.setProperty(“PartnerPublicKey”, partnerPublicKey);

message.setProperty(“OwnPrivateKey”, ownSignKey);

return message;

}

 

 

 

Below are the Receiver channel configurations

 

 

 

 

Once you process the message it will be transferred to Mendelson AS2 server.

 

Once message is successfully processed you will receive MDN back as we have made it synchronous and will be validated

 

Here is how attachment looks like after decryption.

 

 

Note: You can maintain and fetch all the parameters of adapter based on partner config via Partner directory by maintaining either in Partner’s PID or your own PID.

References:
https://help.sap.com/docs/cloud-integration/sap-cloud-integration/configure-as2-receiver-adapter

 

 

​ SAP Integration Suite provides out of the box B2B Integration via Trading Partner Management V2 package. This blog post covers setting the AS2 receiver adapter parameters from Partner directory.In this case you can use single connector for sending the EDI/Non EDI messages to Trading Partners. I am using Mendelson AS2 to showcase the setup needed for same.https://mendelson-e-c.com/as2_testserverIf you would like to test your AS2 server against the mendelson AS2 test server please use the following settings before sending messages:MDN: syncURL: http://testas2.mendelson-e-c.com:8080/as2/HttpReceiverSignature: Necessary, SHA-1 or SHA-2 or SHA-3 or any otherEncryption: Necessary, 3DES or any otherSender AS2 id (your id): mycompanyAS2Sender key (your key): (format pkcs#12, keystore pass “test”): Key3Receiver AS2 id (test servers id): mendelsontestAS2Receiver certificate (test servers certificate): (format PEM): Key4You can use this setup if you want to send the custom filename and want to do on-premise archiving. (Currently this feature is not supported by Trading Partner V2 package as you can’t send your message to 2 receivers).Prerequisites : We need below keys for AS2 setup:Own Private Key – This key will be used for signing the outbound messages. This key/pair can be generated in SAP CPI or we can use sap_cloudintegrationcertificate. In this scenario we are going to import Key3.Partner/Mendelson Key: This certificate will be used to encrypt the partner message. In real time it will be shared by Trading Partner. Key4 will be used to encrypt the outbound message. Below partner ID will be created in SAP CPI/IS monitoring. I prefer using AS2 ID as it is easy to remember but you can use any unique identifier or text to identify your PID uniquely.mycompanyAS2: mendelsontestAS2:  We can use below script to read the directory parameters and set them as property which we can be used in receiver adapter channel.Note: You can add more String Parameters in Partner Directory. These partner Directory ID can be created based on AS2 ID or based on receiver ID identifier in EDI file to identify the partner uniquely.Groovy Script to read the details of Sender ( Own Company) and Receiver (Mendelson/Trading Partner)import com.sap.gateway.ip.core.customdev.util.Message;

import com.sap.it.api.pd.PartnerDirectoryService;

import com.sap.it.api.ITApiFactory;

/* Author – Rahul Yadav

*/

def Message processData(Message message) {

def service = ITApiFactory.getApi(PartnerDirectoryService.class, null);

if (service == null) {

throw new IllegalStateException(“Partner Directory Service not found”);

}

def map = message.getProperties();

// RECEIVER_ADDRESS determination based on Trading Partner

def receiverId = map.get(“RECEIVER_ID”);

def senderId = map.get(“SENDER_ID”);

if (receiverId == null) {

throw new IllegalStateException(“Receiver ID is not set in the property ‘RECEIVER_ID'”)

}

if (senderId == null) {

throw new IllegalStateException(“Sender ID is not set in the property ‘SENDER_ID'”)

}

def as2URL = service.getParameter(“AS2URL”, receiverId, String.class);

if (as2URL == null) {

throw new IllegalStateException(“AS2URL parameter not found in the Partner Directory for the partner ID ” + receiverId);

}

def partnerPublicKey = service.getParameter(“SAP_AS2_Outbound_Public_Key_Alias”, receiverId, String.class);

if (partnerPublicKey == null) {

throw new IllegalStateException(“Partner Key parameter not found in the Partner Directory for the partner ID ” + receiverId);

}

def ownSignKey = service.getParameter(“OwnPrivateKey”, senderId, String.class);

if (ownSignKey == null) {

throw new IllegalStateException(“Partner Key parameter not found in the Partner Directory for the partner ID ” + senderId);

}

message.setProperty(“AS2URL”, as2URL);

message.setProperty(“PartnerPublicKey”, partnerPublicKey);

message.setProperty(“OwnPrivateKey”, ownSignKey);

return message;

}
   Below are the Receiver channel configurations    Once you process the message it will be transferred to Mendelson AS2 server. Once message is successfully processed you will receive MDN back as we have made it synchronous and will be validated Here is how attachment looks like after decryption.  Note: You can maintain and fetch all the parameters of adapter based on partner config via Partner directory by maintaining either in Partner’s PID or your own PID.References:https://help.sap.com/docs/cloud-integration/sap-cloud-integration/configure-as2-receiver-adapter    Read More Technology Blogs by Members articles 

#SAP

#SAPTechnologyblog

Avatar for

You May Also Like

More From Author