AS2 communication with trade partner

  • Question

  • I am working on AS2 communication using a self-signed certificate.

    I made two test certificates and two servers for testing the certificates; at that time everything was good.

    When I send a message from test server1 to test server2, the message is encoded and signed.

    Test server2 receives the message, makes an MDN message and sends it to test server1 synchronously.

    The MDN message arrives at test server1; every process is good.

    But when we exchange a message with our customer, the message below always occurs.

    When I send a message to our customer, they make an MDN message and send the MDN message to us.

    But when the MDN message is received by our server, the message below occurs.

    I checked the certificates of our customer and ours, but the certificates are correct, not revoked or timed out.

    I cannot understand the message below...

    I have spent a few days on this issue.

    Please help me.


    The AS2 Decoder encountered an exception during processing. Details of the message and exception are as follows: AS2-From:"from-TEST" AS2-To:"to-TEST" MessageID:"<3098346478589361197334439765>" MessageType: "unknown" Exception:"An error occurred when validating an AS2 message. Make sure the certificates used have not timed out or been revoked."

    Tuesday, December 11, 2007 1:22 AM

All replies

  • Hello!

     

    Please make sure that the partner's certificate has a Key Usage for digital signature.

     

    Also, can you please provide the MDN message that cannot be verified and the certificate so I can take a look at them.

     

    Thank you,

    Yury

    Wednesday, December 12, 2007 6:40 PM
  • Yury,

    How can I provide the MDN file and certificate?

    Please let me know the way.

    Wednesday, December 12, 2007 8:54 PM
  • By mail or post here?

    But the MDN message was encrypted, so I can't post it here.

    How can I deliver these files to you?


    Wednesday, December 12, 2007 9:18 PM
  • If the MDN is encrypted, BizTalk AS2Receive cannot process it.

    We do not support encrypted MDN processing. MDNs can only be signed, per RFC 4130, page 17 (http://www.ietf.org/rfc/rfc4130.txt).

     

    Yury

    Wednesday, December 12, 2007 10:39 PM
  • Hi

     

    I'm getting the same error message, although I don't encrypt the MDN. It happens even if I only sign it.

    Does anyone have a solution already?

    How can I show the MDN message?

     

    Thanks

     

    Sunday, April 6, 2008 6:34 PM
  • Here is a copy of the MDN:

     

    --_A33B73C0-4051-4449-B99F-FE4EFC2347BE_
    Content-Type: multipart/report; report-type=disposition-notification;
     boundary="_86EE1795-1769-48F9-A1B5-DEC02B2E78E0_"

    --_86EE1795-1769-48F9-A1B5-DEC02B2E78E0_
    Content-Type: text/plain
    Content-Transfer-Encoding: binary
    Content-ID: {D29992EA-7CC1-4CC0-8094-68EE240FCD9B}
    Content-Description: plain


    --_86EE1795-1769-48F9-A1B5-DEC02B2E78E0_
    Content-Type: message/disposition-notification
    Content-Transfer-Encoding: 7bit
    Content-ID: {B1496AF9-A5CD-4AF1-98EF-A6587A11BFE8}
    Content-Description: body

    Final-Recipient: rfc822; 1752692355
    Original-Message-ID: <TFC-EFACT_40C13832-C207-49B8-8F0C-B6E59CA1DFA7>
    Disposition: automatic-action/MDN-sent-automatically; processed
    Received-Content-MIC: /qkUJfx+pyzcledasI+BT43gqM8=, md5

    --_86EE1795-1769-48F9-A1B5-DEC02B2E78E0_--

    --_A33B73C0-4051-4449-B99F-FE4EFC2347BE_
    Content-type: application/pkcs7-signature; name="smime.p7s"
    Content-Transfer-Encoding: base64


    --_A33B73C0-4051-4449-B99F-FE4EFC2347BE_--

     

    Sunday, April 6, 2008 6:38 PM
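
The checks raised in the replies above, as an added Python example that is not part of the original thread or of BizTalk: it reports whether an MDN is signed-only or encrypted (the case Yury's reply says AS2Receive cannot process), extracts the disposition fields, and compares the Received-Content-MIC digest length with the algorithm named next to it. The sample message is constructed from the field values posted above, with placeholder boundaries, outer header and signature body; `inspect_mdn` and `DIGEST_LEN` are illustrative names.

```python
import base64
from email import message_from_bytes

DIGEST_LEN = {"md5": 16, "sha1": 20, "sha-1": 20, "sha256": 32, "sha-256": 32}

def inspect_mdn(raw: bytes) -> dict:
    msg = message_from_bytes(raw)
    info = {"protection": "unsigned", "disposition": None, "mic_alg": None, "mic_len_ok": None}
    if msg.get_content_type() == "application/pkcs7-mime":
        # smime-type=enveloped-data means the MDN itself is encrypted.
        smime = (msg.get_param("smime-type") or "unknown").lower()
        info["protection"] = "encrypted" if smime == "enveloped-data" else smime
        return info  # fields are unreadable without decryption
    if msg.get_content_type() == "multipart/signed":
        info["protection"] = "signed"
    for part in msg.walk():
        if part.get_content_type() != "message/disposition-notification":
            continue
        # The stdlib parser exposes the notification fields as a nested message.
        fields = part.get_payload()[0]
        info["disposition"] = fields["Disposition"]
        digest_b64, _, alg = (fields["Received-Content-MIC"] or "").partition(",")
        info["mic_alg"] = alg.strip().lower() or None
        if info["mic_alg"] in DIGEST_LEN:
            size = len(base64.b64decode(digest_b64.strip()))
            info["mic_len_ok"] = size == DIGEST_LEN[info["mic_alg"]]
    return info

# Constructed sample: fields as in the MDN posted above, placeholders elsewhere.
SIGNED_MDN = b"""\
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="outer"

--outer
Content-Type: multipart/report; report-type=disposition-notification; boundary="inner"

--inner
Content-Type: message/disposition-notification

Disposition: automatic-action/MDN-sent-automatically; processed
Received-Content-MIC: /qkUJfx+pyzcledasI+BT43gqM8=, md5

--inner--
--outer
Content-Type: application/pkcs7-signature; name="smime.p7s"

(signature omitted)
--outer--
"""
ENCRYPTED_MDN = b"Content-Type: application/pkcs7-mime; smime-type=enveloped-data\n\nx\n"
```

For the sample, `mic_len_ok` is False: the base64 MIC decodes to 20 bytes, the size of a SHA-1 digest, while the field names md5.
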
  • I suppose that you have the "Check CRL" check box turned on in the Party settings. The idea here is to have the CRL, which can be created from the Certificate Authority, in your Intermediate Certificate Revocation List node. When you export the CRL you will get a .crl file; import it into the Intermediate Certificate Revocation List node in your Current Account Certificates. Then, if the certificate is not present in the revocation list, this problem will not occur.

    Please tell me what happened or whether more information is required. To learn how to create a CRL and import it, please refer to the Certificate Authority documentation.

    If you don't want to check the CRL at all, then uncheck the CRL check box in the AS2 General property page for the Party in AS2 Settings; that should also solve your problem.

    Try it and let us know.
    _________________________________________________________________________________________________________________________
    Please Mark answered if answer is right

    • Proposed as answer by edhickey Friday, September 4, 2009 8:57 PM
    Saturday, August 29, 2009 12:41 PM