Quick Start for AS4

View some of the Frequently Asked Questions to our support staff. Included are some tips and tricks making this forum ideal for users getting started with GoAnywhere MFT. Note: Users can reply to existing topics but only our support staff can add new topics to this forum.
1 post Page 1 of 1

Support_Philip

User avatar
Site Admin
Posts: 43
Joined: Wed Jun 21, 2017 8:12 am

Post by Support_Philip » Mon Mar 09, 2020 3:28 pm
Quick Start for AS4 Service

Applicability Statement 4 (AS4) is a message protocol based on SOAP and Web Services to
securely exchange messages between business partners. AS4 utilizes a Messaging Service
Handler (MSH) for setting up the message exchange. Messages are compressed, signed, and
encrypted. Message deliveries are verified by notification receipts. AS4 can exchange any kind
of payload (XML, JSON, EDI, etc.) and supports multiple payloads being sent in one AS4
message. AS4 provides rich support for metadata and allows for pushing and pulling messages.

Setting Up the AS4 Service in GoAnywhere MFT

Enable SSL for the HTTPS Connection using the Key Management System

These steps will create a certificate within the System Key Vault's certificate manager that is
used to protect the HTTP tunnel for receiving AS4 messages. If HTTPS is already configured,
move on to the next section.

1. Log in as an Admin User with the Product Administrator and Key Manager role. If your
user account is assigned to a custom Admin User Role, your ability to view, modify, or
execute actions on this page are based on the permissions specified for that role.
2. From the main menu, select Encryption > Key Management System.
3. Open the System Key Vault's certificate manager.
4. Create a certificate in the System Key Vault.
5. Generate a Certificate Signing Request (CSR) for the newly created certificate.
6. Work with your Certificate Authority (CA) (for example, Thawte or GoDaddy) to sign your
certificate.
7. Import the CA Reply from the signing authority and any required root (primary) and
intermediate certificates.
8. From the SSL tab of the HTTPS/AS2 Listener, specify System Key Vault as the
Certificate Location. Then select the certificate from the Key Name field. Optionally,
supply the certificate password if it was not stored in the Key Vault.
9. Restart the HTTPS/AS2/AS4 service on the Service Manager page.

Enable SSL for the HTTPS Connection using File Based Keys

These steps will create a certificate within the File Based Keys manager that is used to protect
the HTTP tunnel for receiving AS4 messages. If HTTPS is already configured, move on to the
next section.

1. Log in as an Admin User with the Product Administrator and Key Manager role. If your
user account is assigned to a custom Admin User Role, your ability to view, modify, or
execute actions on this page are based on the permissions specified for that role.
2. From the main menu, select Encryption > File Based Keys > Certificates.
3. Open the Default Private Key Store.
4. Create a certificate in the Default Private Key Store.
5. Generate a Certificate Signing Request (CSR) for the newly created certificate.
6. Work with your Certificate Authority (CA) (for example, Thawte or GoDaddy) to sign your
certificate.
7. Import the CA Reply from the signing authority and any required root (primary) and
intermediate certificates.
8. On the HTTPS Listener’s SSL tab, set the Key Alias attribute to the name of the new
signed certificate.
9. Restart the HTTPS/AS2/AS4 service on the Service Manager page.

Create a Unique Certificate for AS4

Some organizations require a separate certificate to sign receipts. When a separate AS4
certificate will be used for message decryption and signing receipts, create a new certificate as
instructed above. Note the Alias of the SSL certificate, as it will be used later.

Export the head certificate from the Key Vault or from the File Based Key Manager. It will be
downloaded to your browser’s download location. This will be used later.

Configure the AS4 Service

1. To configure the AS4 Service, log in as an Admin User with the Product Administrator
role. If your user account is assigned to a custom Admin User Role, your ability to view,
modify, or execute actions on this page are based on the permissions specified for that
role.
2. From the main menu bar, select Services and then click the Service Manager link.
3. Click the Action icon next to the HTTPS/AS2/AS4 Service, and then click Edit.
4. In the left hand navigation, select the AS4 link under the Preferences section.
5. Enable the AS4 Service.
6. Save the settings.

Sharing AS4 Information with Trading Partners

With the certificate created and the AS4 Service enabled, it is now time to share information
with your trading partner and configure their Web User accounts in GoAnywhere. Each AS4
trading partner must be setup as a Web User in GoAnywhere. In order to provide AS4 file
transfer services with your trading partners, you will need to provide details about your server
with your trading partner, and your trading partner must provide details and certificates with
you.

What to provide each trading partner:
  • AS4 To ID - This is your AS4 ID.
  • Conversation ID - This is a unique identifier for each separate message transaction.
  • AS4 Message Channel Name(s) - These are message channels that the trading partner is
    authorized to pull from. For example, http://example.com/as4/mpc.
  • Processing Mode Name - The name assigned to the Push or Pull Processing Mode to be
    used for transfers.
What to obtain from each trading partner:
  • AS4 ID - This is entered in the To ID field on the Push tab of the AS4 Resource and the To
    ID field of the Pull Processing Mode on the Web User AS4 tab.
  • Conversation ID - This is the unique identifier for each message transaction.
  • AS4 Message Channel Name(s) - These are message channels on their AS4 server that
    you are authorized to pull from. For example, http://example.com/as4/mpc.
  • Processing Mode Name - The name assigned to the Push or Pull Processing Mode to be
    used for transfers.
  • Collaboration Info - The Agreement Reference, Service, Action, etc. This information is
    entered in the Collaboration Info section of the Pull Processing Mode on the Web User
    AS4 tab.
Create the Web User

Once you have your trading partner's AS4 ID and have imported their Public Certificate, you
can create their Web User accounts in GoAnywhere. The Web User account can authenticate
using passwords and/or certificates. If certificate authentication is used, you must specify the
SHA1 Fingerprint from the public certificate the trading partner provided you.

1. Log in as an Admin User with the Web User Manager role. If your user account is
assigned to a custom Admin User Role, your ability to view, modify, or execute actions on
this page are based on the permissions specified for that role.
2. Create a Web User.
l If using certificate based authentication, follow the instructions on the Quick Start
for Certificate Based Authentication topic.
3. On the Web User's AS4 tab, specify the following fields:
  • AS4 From ID - The AS4 ID that you provided to your trading partner.
  • AS4 To ID - This is your partner's AS4 ID they provided to you.
  • Collaboration Info - The Agreement Reference, Service, Action, etc
.
  • Specify the remaining fields based on your AS4 security requirements. The field
    definitions are located in the Web Help by selecting the question mark icon in
    the page header.
AS4 Message Channels

To manage AS4 Message Channels:
1. Log in as an Admin User with the Product Administrator role. If your user account is
assigned to a custom Admin User Role, your ability to view, modify, or execute actions on
this page are based on the permissions specified for that role.
2. From the main menu bar, select Services, and then click the Service Manager link. Click
the More Actions icon from the HTTPS service, and then choose AS4 Message
Channels.
as41.PNG
Page Toolbar
The following actions are available from the page toolbar:
page:
  • Add a Message Channel by clicking Add Message Channel.
  • Return to the Services page by clicking Done.
AS4 Message Channel Actions
The following actions are available by selecting the Actions icon:
  • View Message Channel details by clicking View.
  • Edit a Message Channel by clicking Edit.
  • Delete a Message Channel by clicking Delete.
  • Manage messages by clicking Manage Messages.
Configure AS4 Message Channel

Follow the instructions below to add or edit an AS4 Message Channel:

1. Log in as an Admin User with the Product Administrator role. If your user account is
assigned to a custom Admin User Role, your ability to view, modify, or execute actions on
this page are based on the permissions specified for that role.
2. From the main menu bar, select Services, and then click the Service Manager link. Click
the More Actions icon from the HTTPS service, and then choose AS4 Message
Channels.
3. To create a new AS4 Message Channel, click the Add Message Channel button in the
page toolbar.
4. To edit an existing AS4 Message Channel, select the name of the AS4 Message Channel.
You can also click the More Actions icon next to the AS4 Message Channel and then
click Edit.
5. Type the AS4 Message Channel information in the appropriate boxes.
6. Click the Save button.
as42.PNG
as42.PNG (5.42 KiB) Viewed 39595 times
Name
Specify a name for this AS4 Message Channel, usually a URL. AS4 Message Channel names are
unique for each Domain.

Description
A short paragraph describing the AS4 Message Channel. The description is optional and cannot
exceed 512 characters.

Has Subchannels
Specify whether the AS4 Message Channel will support Subchannels. AS4 Message Channels
that support Subchannels will enqueue a copy of a message for each Web User that has a
configured Subchannel. Subchannels can be configured on the Web User Configuration AS4 tab.

Message Channel Details

The Message Channel Details page shows the properties, such as the creation date and last
modified date for an AS4 Message Channel.
as43.PNG
as43.PNG (10.06 KiB) Viewed 39595 times
Manage AS4 Messages

AS4 Message details can be viewed and managed on the Manage AS4 Messages page.
To manage AS4 Messages:

1. Log in as an Admin User with the Product Administrator role. If your user account is
assigned to a custom Admin User Role, your ability to view, modify, or execute actions on
this page are based on the permissions specified for that role.
2. From the main menu bar, select Services, and then click the Service Manager link. Click
the More Actions icon from the HTTPS service, and then choose AS4 Message
Channels.
3. Click the action icon next to the desire message channel and select Manage Messages.
as44.PNG
Page Filters

Results can be filtered on this page by selecting filter options and then specifying the items to
search for. Search terms are not case sensitive and will return results that contain the specified
characters. Refresh the filter results by clicking the Refresh button.
  • Conversation ID - Filter by Conversation ID.
More Filters

Click on the More Filters drop-down button to select from the following additional filters:
  • Status - Filter by message status - Consumed or Ready.
  • Web User - Filter by the Web User associated with the message.
Saving and Managing Filters

The following filter management options are available by selecting the button:
  • Name and save the current filter parameters by clicking Save Filter As.
  • Save changes to a previously saved and currently active filter by clicking Save Filter.
  • Activate or deactivate a previously saved filter by clicking on the filter's name.
  • Click Manage Filters to access the Manage Filters page.
Message Actions

The following actions are available by selecting the Actions icon:
  • View message details by clicking View.
  • Delete a message by clicking Delete.
Table Navigation Tools

The following table navigation tools are available:
  • Click the Previous button to move back to the previous page of results.
  • Click the Next button to move forward to the next page of results.
  • Select the number of Rows to display on each page.
Footer Actions

The following actions are available when one or more items are selected from the table:

Delete one or more selected messages.

Message Details
The Message Details page shows the properties, such as the creation date and status of an AS4
Message.
as45.PNG
as45.PNG (29.84 KiB) Viewed 39595 times
Philip Horn
Senior Support Analyst
e. [email protected]
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
1 post Page 1 of 1