none
Receive error message while deal with AS2 MDN RRS feed

  • Question

  • Hi All
    Error occured while BizTalk Server deal with the MDN message from one partner.
    Error description is below:
    The outbound message of the component "Microsoft.BizTalk.EdiInt.PipelineComponents" in receive pipeline "Microsoft.BizTalk.EdiInt.DefaultPipelines.AS2Receive, Microsoft.BizTalk.Edi.EdiIntPipelines" is suspended.
    AS2 message validation failed. Please make sure the certificate is not overdued or revoked.

    I dont choose Check Certification Revocation List  while configuring general AS2 properties.

    BizTalk Server can process messages from other partners successfully.
    It also can process the AS2(except MDN) messages successfully received from this partner.
    This error only occured while receive MDN from this partner.

    Can anyone advise the reason for this question?


    Elly CC
    Wednesday, September 2, 2009 12:44 PM

Answers

  • Yikes! If the certificate is revoked, the certificate system or AntiVirus may have moved the certificate to a quarrantine. You should not try to use a revoked certificate and try to override the functionality. Even though BizTalk may let you work with it there are multiple layers of security and other layers could prevent using it successfully. Just ask your partner for an updated certificate and install the new one.

    Usually other security services do check the CRL. Anyway, using a known revoked certificate is not secure.

    Thanks,
    If this answers your question, please use the "Answer" button to say so | Ben Cline
    • Marked as answer by elly CC Friday, September 4, 2009 12:46 AM
    Thursday, September 3, 2009 1:06 PM
    Moderator

All replies

  • This error can occur if the certificate has expired even if you are not using the Certificate Revocation List (CRL) check. I would check to see if the certificate for your AS2 partner has expired and if so ask them for an updated one.

    Is the MDN encrypted or it is just plain text?

    Thanks,
    If this answers your question, please use the "Answer" button to say so | Ben Cline
    Wednesday, September 2, 2009 3:20 PM
    Moderator
  • Hi Ben

    Thanks for your reply. I have checked the certificate is not expired.

    But when I use the Certificate Revocation List check,  I fail to send message out.  It said the certificate is revoked.

    Any method to avoid it if we use the same certificate ?

    Thanks in advance!

    Elly CC
    Thursday, September 3, 2009 1:44 AM
  • Yikes! If the certificate is revoked, the certificate system or AntiVirus may have moved the certificate to a quarrantine. You should not try to use a revoked certificate and try to override the functionality. Even though BizTalk may let you work with it there are multiple layers of security and other layers could prevent using it successfully. Just ask your partner for an updated certificate and install the new one.

    Usually other security services do check the CRL. Anyway, using a known revoked certificate is not secure.

    Thanks,
    If this answers your question, please use the "Answer" button to say so | Ben Cline
    • Marked as answer by elly CC Friday, September 4, 2009 12:46 AM
    Thursday, September 3, 2009 1:06 PM
    Moderator
  • Hi Ben

    Where is the CRL or how I can find the CRL?

    There is no CRL distribution point in the details of the certificate.

    Thanks.
    Tuesday, September 8, 2009 1:20 AM
  • You could find the CRL for your certificate with the certifying authority that certified the certificate that was revoked. Contact them to make sure the certificate was revoked.

    Thanks,
    If this answers your question, please use the "Answer" button to say so | Ben Cline
    • Marked as answer by elly CC Tuesday, October 20, 2009 3:25 AM
    • Unmarked as answer by elly CC Wednesday, November 4, 2009 9:42 AM
    Tuesday, September 8, 2009 4:08 AM
    Moderator
  • Hi All

    The problem is sloved by changing a new certificate.

    But I met the same problem while send message to another partner.  Our event log show below error while deal with the MDN received from our partner:
    AS2 message validation failed. Please make sure the certificate is not overdued or revoked


    I have checked the certificate, it is not overdued. And I also checked the CRL, the certificate is not in the revoked list.

    What is the reason of this error? Can any advise?

    Thanks in advance.
    Wednesday, November 4, 2009 9:57 AM