Unable to authenticate signature - AS2

ramesh_kuruba1 · September 23, 2008, 7:27pm

Hello there,

I am able to send AS2 message to partner successfully. But partner is getting below error message when he receives the message. I am not sure where the problem is.

Can anyone shed some light on this?

Thanks,
RK

—BEGIN REQUEST—
Via: 1.0 WHQVISA01
Content-Length: 1639
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=smime.p7m
Accept: image/gif, /
Host: ***
Max-Forwards: 10
User-Agent: Mozilla/4.0 [en] (WinNT; I)
X-Forwarded-For: 205.204.1.31
X-Forwarded-Host: ***
Content-Disposition: attachment; filename=smime.p7m
X-Forwarded-Server: ***
Message-ID: 6964332.1221863692949.JavaMail.wmstg@sun102
AS2-From: 001317452T
AS2-Version: 1.1
AS2-To: DME

—END REQUEST—

ERROR: Unable to authenticate signature: A certificate was not provided, and was not included in the signed message.
200 OK returned to client (no receipt requested)Request was already acknowledged. No response to send.—TIMESTAMP Fri, 19 Sep 2008 17:34:53 -0500 [1221863693206]—

—BEGIN RESPONSE—
AS2-From: DME
AS2-To: 001317452T
AS2-Version: 1.2
EDIINT-Features: multiple-attachments
Date: Fri, 19 Sep 2008 22:34:53 GMT
Subject: Message Disposition Notification
Content-Description: MIME Message
Message-ID: 35bec87e-6bd3-42e2-ba44-5079597a8209@001317452T
Content-Type: multipart/report; report-type=disposition-notification; boundary=“MDNBoundary”

–MDNBoundary
Content-Type: text/plain; charset=“iso-8859-1”

Unable to authenticate signature: A certificate was not provided, and was not included in the signed message.
–MDNBoundary
Content-Type: message/disposition-notification; charset=“iso-8859-1”

Original-Recipient: rfc822;DME
Final-Recipient: rfc822;DME
Original-Message-ID: 6964332.1221863692949.JavaMail.wmstg@sun102
Disposition: automatic-action/MDN-sent-automatically; processed/Error: integrity-check-failed

–MDNBoundary–

—END RESPONSE—

pleary.514420 · September 23, 2008, 7:30pm

Looks like you signed it and he doesn’t have the verification certificate.

ramesh_kuruba1 · September 23, 2008, 7:37pm

Phil,

Thanks for the quick reply. Are you saying that the public key and the CAs that we provided to partner are not configured properly on the partner software?

Thanks,
RK

pleary.514420 · September 23, 2008, 7:41pm

That would be my first guess - it looks like they did not configure a signature verification certificate.

ramesh_kuruba1 · September 23, 2008, 8:08pm

I would assume that it would be similar to how we configure under Trading Networks Partner Profile “Verify” tab by loading client certificate.

pleary.514420 · September 23, 2008, 8:21pm

Highly dependent on what they are using - but the concept is the same, yes.

chandra_Penumalli · February 4, 2009, 12:02am

Hi, We are using EDIINT AS2 Htpps. When partner is trying to send the Certificate, they are getting the following error: Message Disposition Notification Reporting-UA: webMethods Integration Server Original-Recipient: rfc822; Final-Recipient: rfc822; Original-Message-ID:ssss Disposition: automatic-action/MDN-sent-automatically; processed/error: authentication-failed MDN for - Message ID: ssss From: 111 To: 112 Received on: 2009-02-03 at 10:27:19 (EST) Status: processed/error: authentication-failed Comment: This is not a guarantee that the message has been completely processed or understood by the receiving translator… We are using only the partners Unsigned Public key certificate. I Do know that we need the partner CA certificate. But i am just wondering that any body worked on processing Unsigned Public certificates? If so, help is really appreciated. Thanks in advance, Capri_lak