|Procedure for Sending an EDI Document using AS2|
The procedure for sending an EDI document using AS2 is as follows:
Example in Visual Basic
This example will use the following:
In this example, the EDI document sent is going to be encrypted and signed.
Create an instance of ediDocument. The ediDocument object is the top level application instance for Framework EDI (FREDI). This object is the topmost object in the object model hierarchy of FREDI. This instance is always created at the start of a program.
Dim oEdiDoc As Fredi.ediDocument
Set oEdiDoc = New Fredi.ediDocument
Set up digital certificates for securing document. The ediSecurities object is used to configure the security.
Dim oSecurities As Fredi.ediSecurities
Set oSecurities = oEdiDoc.GetSecurities
' Set the default service provider, which provides the necessary cryptographic services.
oSecurities.DefaultProviderName = "Microsoft Base Cryptographic Provider v1.0"
To encrypt the document, the public key of the certificate from the intended recipient is used. To sign the document, the private key associated with the certificate of the sender is used. To reference the certificates, they have to be already in the certificate store otherwise they have to be imported to the certificate store. To verify if the certificate already exists in the certificate store, call the IsCertificateExists method in the ediSecurities object. To import the certificate, call the ImportCertificate method.
Dim oCertificate As Fredi.ediSecurityCertificate
Dim oSignCert As Fredi.ediSecurityCertificate
If Not oSecurities.IsCertificateExists("Edidev XYZ Test Company") Then
Set oCertificate = oSecurities.ImportCertificate(App.Path & "\XyzTestCompany.cer")
Set oCertificate = oSecurities.GetCertificateBySubjectName("Edidev XYZ Test Company")
If Not oSecurities.IsCertificateExists("Edidev ABC Test Company") Then
Set oSignCert = oSecurities.ImportCertificate(App.Path & "\AbcTestCompany.cer")
Set oSignCert = oSecurities.GetCertificateBySubjectName("Edidev ABC Test Company")
Because the certificate is suppose to contain only the public key, it cannot directly be used to sign. Some certificates may be associated to a private key file (.PVK) which can be used to sign. In this example, however, the certificate was created from a key container. Knowing the name of the key container where the public key was extracted for the certificate, the private key is associated to the certificate by calling the UpdateCSP method.
Set up and load the EDI document. Load the EDI document after specifying the implementation guideline to use.
Dim oSchemas As Fredi.ediSchemas
Dim oSchema As Fredi.ediSchema
' Disable standard reference library.
Set oSchemas = oEdiDoc.GetSchemas
oSchemas.EnableStandardReference = False
Set oSchema = oEdiDoc.LoadSchema(App.Path & "\SampleSefX12_850.SEF", Schema_Standard_Exchange_Format)
' Load EDI document normally.
oEdiDoc.LoadEdi App.Path & "\SampleEdiX12_850.X12"
Prepare the EDI document in a MIME message. Since AS2 transmits documents in MIME format, the EDI file has to be embedded in a MIME message. All MIME, or Internet Mail type capabilities, are handled by the mailDocument object.
Dim oMailDocument As Fredi.mailDocument
Set oMailDocument = oEdiDoc.GetMailDocument
The mailDocument object consists of two MIME messages: the main MIME message and the Message Disposition Notification (MDN) message. The EDI document is secured and embedded in the main MIME message. Each message object has a security token which configures how the message is to be secured. Here is where the certificates are specified to indicate which one is used for encryption and which one is used for signing. To specify the certificate of the recipient, set the CertificateSubjectName property to the subject name of the recipient's certificate "Edidev XYZ Test Company". To specify the certificate of the sender, set the CertificateSignerName property to the subject name of the sender's certificate "Edidev ABC Test Company". At the same time, enable the properties EnableEncryption and EnableAssurance to enable encryption and digital signing respectively.
Dim oMsgSecurity As Fredi.ediSecurity
Dim oSubjMsg As Fredi.mailMessage
' Get subject message and configure security.
Set oSubjMsg = oMailDocument.GetMessage
Set oMsgSecurity = oSubjMsg.GetSecurity
' Configure to use the receiver's certificate to encrypt.
oMsgSecurity.CertificateSubjectName = "Edidev XYZ Test Company"
oMsgSecurity.EnableEncryption = True
' Configure to use the sender's certificate to sign.
oMsgSecurity.CertificateSignerName = "Edidev ABC Test Company"
oMsgSecurity.EnableAssurance = True
To embed the EDI document into a MIME message, call the PrepareEdi method in the mailDocument object. This also secures the MIME message at the same time, based on the security information already set. When both encryption and signature is applied, the document is first signed and then encrypted.
Add AS2 specific headers to MIME message. To conform to the AS2 protocol, additional headers are required. These headers are:
To set the header, set the HeaderFieldValue with the correct parameter. The source code looks as follows:
oSubjMsg.HeaderFieldValue("Message-ID") = "firstname.lastname@example.org"
oSubjMsg.HeaderFieldValue("AS2-Version") = "1.0"
oSubjMsg.HeaderFieldValue("AS2-To") = "XYZ_Company"
oSubjMsg.HeaderFieldValue("AS2-From") = "ABC_Company"
When a MIME message is acknowledged, an Message Disposition Notification (MDN) message is returned The MDN itself is in MIME format. To request for an MDN, the "Disposition-Notification-To" header is required. In AS2, this headers only requires to be present with a syntactically correct value. The value itself holds no meaning in the AS2 transaction.
oSubjMsg.HeaderFieldValue("Disposition-Notification-To") = "john smith <email@example.com>"
For a signed MDN, the additional header "Disposition-Notification-Options" is required.
oSubjMsg.HeaderFieldValue("Disposition-Notification-Options") = "signed-receipt-protocol=optional,pkcs7-signature;signed-receipt-micalg=optional,sha1"
Finally, the header "Receipt-Delivery-Option" must be added and its value must contain a valid URL that specified where the MDN is going to be sent. In a synchronous mode of transmission, this header is not required. .
oSubjMsg.HeaderFieldValue("Receipt-Delivery-Option") = "http://www.somesite.com/files/"
Configure ediTransport for destination. Get the ediTransport object of the mailDocument object and configure it with the destination address that the message is to be sent to.
Dim oTransports As Fredi.ediTransports
Dim oDestination As Fredi.ediTransport
Set oTransports = oMailDocument.GetTransports
Set oDestination = oTransports.CreateTransport
oDestination.User = "john_smith"
oDestination.Password = "password"
oDestination.Address = "www.global.net"
oDestination.TargetPath = "/testfiles/"
Send MIME message. Call the Send method to send the message. The file name "SampleEdiX12_850.AS2.TXT" is the name of the file when it arrives at the destination server.