Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
Encrypt.png 78.1 kB 2 05-Dec-2023 05:32 Halmágyi Árpád
png
Screen Shot 2013-11-23 at 1.35... 30.3 kB 1 05-Dec-2023 05:32 Halmágyi Árpád
png
Screen Shot 2013-11-23 at 1.37... 72.2 kB 1 05-Dec-2023 05:32 Halmágyi Árpád
png
as2_options.png 55.7 kB 2 05-Dec-2023 05:32 Ben Spink
png
as2_receive.png 25.8 kB 2 05-Dec-2023 05:32 Ben Spink
png
as2_signing.png 17.1 kB 2 05-Dec-2023 05:32 Ben Spink
jpg
as2_user_options2.jpg 456.8 kB 1 30-May-2024 03:44 Ada Csaba
png
complete.png 158.7 kB 1 05-Dec-2023 05:32 Halmágyi Árpád
png
delete.png 49.4 kB 1 05-Dec-2023 05:32 Halmágyi Árpád
png
exclude1.png 42.0 kB 1 05-Dec-2023 05:32 Halmágyi Árpád
png
exclude2.png 41.1 kB 1 05-Dec-2023 05:32 Halmágyi Árpád
png
find.png 92.8 kB 4 05-Dec-2023 05:32 Halmágyi Árpád
png
new_vfs.png 3.6 kB 1 05-Dec-2023 05:32 Ben Spink
png
options.png 135.7 kB 2 05-Dec-2023 05:32 Halmágyi Árpád
png
signing.png 76.2 kB 2 05-Dec-2023 05:32 Halmágyi Árpád
png
tasks.png 47.0 kB 1 05-Dec-2023 05:32 Halmágyi Árpád

This page (revision-26) was last changed on 30-May-2024 04:34 by Ada Csaba

This page was created on 05-Dec-2023 05:32 by Ben Spink

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed 51 lines
To configure AS2/3, you need to use the Java program called "keytool" to manage your certificates. Keytool is a command line program available on every OS, and it part of the Java install.
These screenshots assume the folder "/mycertificates/" contains the keystore file called "crushftp.jks" which is my private keystore containing both my public key used for encrypting and private key used for decrypting. It also assumes this folder contains "company.jks" which contains the trading partners public key used for encrypting files.
CrushFTP makes a "proxy" type of connection to do AS2/3. To send outgoing files, you use a typical FTP client and send the file to a specific directory in CrushFTP which in turn sends the file out using either AS2 or AS3.
The only difference between AS2 and AS3 is that AS3 destinations for the options is that the recipient URL starts with FTP:// or SFTP:// instead of HTTP(s)://.
----
These are the settings for receiving files. Click the show all button in the user manager to see these. For incoming files, we CrushFTP requires BASIC authentication for AS2 over HTTP(s).
[attachment|as2_receive.png]
Next, click the mini folder icon on the left with a ? + sign on it. Once this window is complete, you will be able to add permissions to the item as I have done on the right here.
[attachment|as2_vfs.png]
Here is where you configure your specific AS2/3 settings for this outgoing item. Cipher strengths above 128 require higher strength policy files to be installed ([FAQ]).
[attachment|as2_options.png]
The signing keystore is your private keystore which is used to sign a message to the receiver can know it came from you.
[attachment|as2_signing.png]
The encryption keystore is the trading partners keystore that contains just their public certificate file. You encrypt with this file so that only they can decrypt it using their private key.
[attachment|as2_encrypting.png]
-----
If you have your partner's public key for who you want to send to, you need to import that into a keystore file.
keytool -importcert -alias {partner_name} -file {partner_public_key_file} -keystore {partner_name}.jks
That will be the keystore you use for the encryption tab. {partner_name}.jks
For signing, and your public key you are going to give your partner...
keytool -genkeypair -alias {your_name} -keyalg RSA -keysize 1024 -keystore {your_name}.jks
Then get your public key out to give to your partner:
keytool -export -alias {your_name} -file {your_name}.cer -keystore {your_name}.jks
Send them the resulting {your_name}.cer file. That is your public key then can encrypt with. You set this keystore file {your_name}.jks on the "AS2/3 Decryption Key" panel of the user manager. You also set it on the "signing" tab of the VFS item.
Here is another screenshot of a complete example except for the decryption.
[attachment|as2_all.png]
In this area __[AS2 or AS3|AS2 EDI]__ payload cryptography related settings are configured.\\
\\
\\
[{Image src='as2_user_options2.jpg' width='1600' height='..' align='left' style='..' class='..' }]\\
\\
\\
__AS2/3 Decryption Key__\\
\\
__Keystore Path:__ the path of a PKCS11 cert store holding the private key used for payload decryption and signing the MDN.\\
__Keystore format:__ dropdown selector, allows choosing the keystore format type, Java JKS and generic p12 PFX formats are supported.\\
__Keystore Password:__ enter the password of the keystore here\\
__Key name(alias):__ the __private cert__ identifier (internal name). We load the cert based on it's alias, in case the keystore has multiple certs.\\
__Key Password:__ the protection password of the private key inside the keystore. In case of JKS type keystores, keystore and key passwords are always identical. PFX may contain unprotected private key, in that case, this field needs to be left empty.\\
\\
__AS2/3 Signature Verification Key__\\
\\
__Keystore Path:__ the path of a PKCS11 cert store holding the public cert used for payload signature validation. \\
__Keystore format:__ same as in the above section, to choose the keystore type\\
__Keystore Password:__ enter the password of the keystore here\\
__Key name(alias):__ the __public cert__ identifier (internal name)\\
\\
__Unique AS2 filenames__ when enabled, a unique random ID is appended to the received file name to prevent overwriting existing files.\\
\\
__Process As3 Files__ toggles support for AS3.\\
\\
Version Date Modified Size Author Changes ... Change note
26 30-May-2024 04:34 1.577 kB Ada Csaba to previous
25 30-May-2024 04:19 1.577 kB Ada Csaba to previous | to last
24 30-May-2024 04:17 1.541 kB Ada Csaba to previous | to last
23 30-May-2024 04:12 1.345 kB Ada Csaba to previous | to last
22 30-May-2024 04:07 1.096 kB Ada Csaba to previous | to last
21 30-May-2024 04:06 0.945 kB Ada Csaba to previous | to last
« This page (revision-26) was last changed on 30-May-2024 04:34 by Ada Csaba
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
LeftMenu

JSPWiki