Problem transmitting AS2 message

, ,
1

I am sending a flat file via AS2 to a partner using HTTPS protocol.

The log on the partner side has the following:

AS2: INBOUND Request received
ERR15024:Invalid client side certificate specified

In TN, I have setup our private key and our certificates in our enterprise profile. I have setup the partner’s certificates in the partner’s profile.

In the activity log on my TN, I have the error

Reason for failure - Delivery service for 58i9gq0v7mn8jcv400000119 failed with a status of fail and status message of 400 Bad Request

Please advise. Thanks in advance.

2

Did you configure the certs chain in all the Security Tabs on the profile sender/receiver?

ERR15024:Invalid client side certificate specified

The error above indicates the certs/chain are not matching while hand shaking and it could be your side or TP side…So you need to work with your TP and make sure you both are using the matching certs and serial numbers.

HTH,
RMG

3

Thank you RMG. I have configured the certificate chains and private key in both the sign/verify and encrypt/decrypt tabs of my enterprise profile.

The customer is using the right public certificate that I have provided. Is there a way I can know the serial number of my private key? Should a private key and the corresponding public certificate have the same serial number?

4

I am not quite sure on your private key question…

But can you try to attempt with text/plain and see how the test goes?

5

I have attempted to send with type:plain but I still have the same error. I have also set the extended field S/MIME type as plain, just to be sure.

6

So some thing is not right with certs receiving end…I never saw that 400 status with AS2.

Part of troubleshooting exercise have you tried bump up the logging with Trace for HTTP listener, Security/SSL codes and see if it can give more info in the server logs?

Lastly open a ticket with SAG support.

7

I have set the server logging level to 8 for all facilities. I only see an http 400 status code in the logs. Could there be an issue with the way the public certificate is on the receiving end?

8

Are you on IS version 65? Yes that could be:

Have you also tried restarting IS?

9

That is correct, I am using 6.5

10

Thought so…logging module much improvements in 712/8.x versions.

Can you also test tuning this Extended setting?..I am sure it’s nothing to do with the error you are getting.

watt.security.ssl.client.ignoreEmptyAuthoritiesList

11

Is there a way I can determine if this a problem on my side or the client’s side?

12

Not really. But you can try reconfigure certs in TN and engage TP folks also if they can do the same along with monitor server and network communication logs for SSL.

BTW,Is it the only/first TP you have them on AS2?

HTH,
RMG

13

We solved this issue, finally! It was a problem on the client’s server, it had something to do with the way their AS2 server was setup for HTTPS.

14

Expected…Glad to hear its resolved now:

15

While sending the flat file via AS2, what is the content type you have specified?

16

Are you trying to respond a old thread or having you having a question?

17

Hi RMG,

Since it was a discussion about flat files via AS2, I posed a question here. What would be the content-type you specify for seding flat files via AS2?

18

There is not content type directly mentioned for FF via AS2 on EDIINT module user guide.

But you can try with text/plain or application/x-wmflatfile

HTH,
RMG

19

I saw that there was no mention of it in the user guide.Thanks for the reply.

20

Yep…just try with the above.