Hi all,

Can any one of you please help me in configuring(keeping in right place) security certificates in TN, for exchanging documents between two partners (EDIINT As2 transport mechanism)…
I have sample ceritificates like,

SenderCACert.der
SenderCert.der
SenderPrivateKey.der
ReceiverCACert.der
ReceiverCert.der
ReceiverPrivateKey.der

Thanks & Regards,

You should keep these certs in the IS/Config/certs folder and see the ISAdminConsole/Certificates page.

ReceiverCACert.der (in trusted root)
ReceiverCert.der
ReceiverPrivateKey.der

In the TN/Security section load the ReceiverCert.der,ReceiverPrivateKey.der.

Also send your SenderCAcert to your trading partner for SSL handshaking.

HTH,
RMG

Hi rmg,

Thnks for your quick reply.

But I tried the same. Are you sure the cert folder is IS/config. Since there was no cert folder in IntegrationServer/config ,I created one cert folder in the same and restarted the IS. But i couldn’t see any changes in certificate link in Admin console. IT is as it is. So can u suggest me y so. I am using wM65.

Thanks & Regards
Juby

yes,you are right in creating cert folder which is a standard,and also import the CAcert in the trusted root from config/certs/cacert folder.

Also in WM65 you don’t need to reboot IS after importing CA certs.

PS:In TN65 Improved Certificate Setup as follows,
Ability to Specify one certificate chain instead of a cert and CA chain and support for pkcs7 cert list files (.p7b and .cer).Also new “SSL Client” tab for specifying clientcert used for https/ftps connection.
Easier to import and setup certificates,eliminates confusion about cert formats and chains and improves usability of the security tabs.

HTH,
RMG

hi rmg,

I am totally new to this so please…help
here I have one more doubt, as u mentioned “new SSL client tab for specifying clientcert used for https/ftps connection”. If I am going for a FTPS connection (AS3) is it necessary that I should fill in “SSL client” tab with cert files.

If so what is meant by this clientcert file? If you look into that EDIINT package webMethods have given one sample with .der files for SEnder and receiver. By clientcert do you meant any of this files?

And I am assuming by trusted root you meant to create a directory cacert in cert folder and keep the “SenderCACert.der” file. Please clarify if I am wrong.

I am trying to exchange files between two integration servers trading partners using AS3 connection. So whether i need to do anything with certificateToolKit package?

I am getting error like FTP AUTH error…ceritificated rejected by chain verifier.

please help me…

regards,
j

Basically i dont have experience with new AS3 (FTPS) transport.

So definetly some one will assist you better on this query.

Actually in CACert folder,If you are a sender initiating transaction then you have to import ReceiverCAcert.der in the folder,and SenderCAcert should be given to partner this will certify in SSL handshaking process.

HTH,
RMG

Thanks a lot…
By some trial I could able to make it working…Now here I have a doubt like can I able to retrieve the filename after sending the document to the partner. In AS3 or AS2 transaction.

Thanks once again…

Sorry,i have no clue at this moment.Will let you know if any updates.

pub.flow:getTransportInfo service help to get the filename in normal ftp/http transport processess,so please check.