In this post about Trading Partner settings, we configured our Trading Partner to be able to exchange EDI messages. Now let’s have a look at AS2 parameters in more details, as this type of communication is more complex.

We are at the point where we have our Type Systems configured and we want to set the AS2 Communications channel.

This is our starting point:

Here we configure the AS2 adapter, as we would do in SAP Cloud Integration iflow. Let’s start with the Receiver.

Receiver

As Receiver represents our Trading Partner’s endpoint, we need to specify:

• Target URL

• Proxy Type — usually Internet, rarely we will have target endpoint behind a SAP Cloud Connector

• Authentication Type — the way we authenticate against the URL (Basic auth, Client certificate)

• Private Key Alias — if we use Client certificate, the private key will be usually SAP-native certificate. The downside here is a regular yearly expiration. If we want to use a long-lasting certificate, we need to generate a new private key

On the Processing tab the most important thing is to fill up the AS2 IDs. Don’t forget these IDs have to match both at the Sender and the Receiver side.

Specify the Content-Type according to your message format. For IDocs, that will be application/xml.

On Security tab, we have to set the public certificate we received from our Trading Partner.

To be able to do so, we have to import that certificate into the SAP Cloud Integration keystore, as well as import it in Trading Partner Profile — Certificates section!

In our scenario, I exported the Key 3 from the Mendelson AS2 client, which I use to simulate AS2 Partners.

The MDN section will usually look like this, or as per mutual agreement with your Trading Partner.

Sender

Even a bit more complicated it gets in the case of Communications — AS2 Sender channel. We can choose between Profile and Channel configuration mode.

When we choose Channel, we set everything here, including the public key for signature verification. Recommended approach is to use Profile, where everything gets populated automatically.

For the system to set it for us, we do need to maintain the settings at some place, and that place is Trading Partner — Security section. Here we bind the AS2 ID with the correct certificate and activate it.

Summary

Let’s list the above steps chronologically for better clarity:

1. Finish all the steps listed in the post about Trading Partner configuration

2. Import the public certificate you received from your partner into the SAP SCI keystore

3. In TPM Certificates section, add this certificate into the TPM

4. In TPM Security section, link this public certificate with the Partner’s AS2 ID

5. In TPM Systems -> Communications section, perform the AS2 adapter settings

A whole series of blogs on Trading Partner Management:

1. Overview

2. Data

3. Partner

4. AS2

5. ….will continue

It was also published here:

https://medium.com/@jiri.fridrich/sap-tpm-trading-partner-as2-settings-7c5f96cbfd06