Encryption using 3DES in AS2 connector of wm.io Integration does not work anymore

Theo_Van_Dijk · September 17, 2023, 10:42am

Encryption using TripleDES in AS2 connector does not work anymore in webMethods.io Integration, Version 10.16.4.0, Free Forever account. A message is send with no payload. It has worked before (May 2023) and it still does work using AES 256.

This is a print screen of https://webhook.site/ displaying the http message received from wm.io Integration as sent by the AS2 connector with encryption using TripleDES (without signing and no mdn requested).

Vikash_Sharma1 · September 25, 2023, 3:55am

hi @Theo_Van_Dijk ,
Can you please raise the Support Incident for same.

Regards
Vikash Sharma

Theo_Van_Dijk · September 25, 2023, 6:38am

Hi Vikash,
I am not authorised to raise an incident via the Empower Portal and I am not sure to ask a colleague because this error occurs in my Free Forever account.
Regards,
Theo

Vikash_Sharma1 · October 3, 2023, 12:02pm

hi @Theo_Van_Dijk ,
Can you please share some more details.
I will try to replicate the issue at my end.
It would be great if you can share the use case with details like

To whom you are sending the response
From where are you receiving the request
What is the protocol used
What’s the channel type
Message format

Regards
Vikash Sharma

Theo_Van_Dijk · October 3, 2023, 12:59pm

Test 1:
Go to https://webhook.site. It will create a new endpoint for you.
Configurations > General > Certificates > Add:
softwareag_cloud = Certificate as used by https://softwareag.cloud/ (but any other *.cer will do).

Connectors > Predefined > AS2 > Add:
AS2_Account1: Recipient = https://webhook.site/{Your unique URL}, Auth Type = none, From = A, To = B, Hostname verifier = Noop, Encrypt Message = true, Encryption Algorithm = TripleDES, Encryption Certificate = softwareag_cloud, other settings are false

Integrations > Flow services > Add:
AS2_test: add two lines:

function stringToStream: string = “test msg”
AS2 connetor: AS2_Account1, map inputStream to sendInput/data/stream, contentType = “application/xml”
Run AS2_test and check webhook.site: a request has been received but it has no content. Size = 0 bytes.

Theo_Van_Dijk · October 3, 2023, 1:01pm

Test 2:
This test is described at mendelson AS2 test server | mendelson-e-commerce GmbH. There you can also download the keys and view the result.

Configurations > General > Certificates > Add:
MendelsonTest_certificates_we_trust = Truststore, Type = PKCS12, Provider = SUN, file = MendelsonTruststore.pfx
MendelsonTest_our_keys = keystore, Type = PKCS12, Provider = SUN, file = key3.pfx
MendelsonTest_Mendelson_certificate = partner certificate, file = key4.cer

Connectors > Predefined > AS2 > Add:
AS2_Account2: Recipient = https://testas2.mendelson-e-c.com:8444/as2/HttpReceiver, Auth Type = none, From = mycompanyAS2, To = mendelsontestAS2, Trust store Alias = MendelsonTest_certificates_we_trust, Hostname verifier = Noop, Sign Message = true, Signing Algorithm = SHA-1, Signing Keystore and Key Aliases = MendelsonTest_our_keys/key3, Receive Signed Message = true, Signature Verification Certificate = MendelsonTest_Mendelson_certificate, Encrypt Message = true, Encryption Algorithm = TripleDES, Encryption Certificate = MendelsonTest_Mendelson_certificate, Receive Encrypted Message = true, Decryption Keystore and Key Aliases = MendelsonTest_our_keys/key3, Request MDN = Synchronous, Request Signed MDN = false

Integrations > Flow services > AS2_test > change the AS2 account and run. View the result in Mendelson: a request is received but the content is 0 bytes

Anil_Kumar_N_R · October 10, 2023, 8:29am

Thanks for reporting the issue. We will fix the issue where encryption using DES and TripleDES algorithm does not work in AS2 Connector.
Regards,
Anil

system · April 7, 2024, 8:30am

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.