Trading Partner Having Problems Sending to Me
There are several issues that could cause incoming AS2 transmissions from your trading partners to fail:
| Issue | Resolution Steps |
|---|---|
| Incorrect URL being used. | Make sure your trading partner is sending the AS2 transmission to the correct endpoint URL. |
| Incorrect port being used. | Make sure that your trading partner is sending the AS2 transmission to port 443 of your Files.com site. |
| Incorrect AS2 trading partner Identity being used. | The trading partner is specifying an AS2 Identity that does not match your configuration. Make sure that the AS2 Identity that the trading partner is trying to use exactly matches the AS2 Identity that you specified for them. This is also known as the "AS2-From" header setting, which you can view in the AS2 Logs. |
| Incorrect AS2 Identity being used. | The trading partner has not specified your correct AS2 Identity. Make sure that the AS2 Identity being used by the trading partner to identify you exactly matches your AS2 Identity. If you have multiple AS2 Identities, then make sure that your trading partner is using the correct one. Check the configuration for the trading partner and confirm that the AS2 Identity shown in the My AS2 Name/Identity column matches what your trading partner is using. This is also known as the "AS2-To" header setting, which you can view in the AS2 Logs. |
| Trading partner is using an incorrect encryption certificate. | The trading partner should be using your public certificate to encrypt AS2 transmissions to you. Make sure that the certificate they are using is exactly the same one as you imported in your AS2 identity. If you have multiple AS2 Identities, make sure that the trading partner is using the correct corresponding certificate. Resend the trading partner your correct public encryption certificate and verify that they are using it for AS2 transmissions to you. |
| You are using an incorrect trading partner signing certificate. | The trading partner will be using their private certificate to sign AS2 transmissions to you. You will have received a corresponding public certificate from your trading partner. Make sure that the corresponding trading partner public certificate that you are using matches the public certificate that they provided you with. Check with the trading partner that the public certificate that they sent you corresponds to the private certificate that they are using to sign their AS2 transmissions to you. |
| Trading partner expects the AS2 Endpoint HTTPS TLS/SSL certificate to never change. | Occasionally, some trading partners configure their AS2 systems to save the SSL certificate fingerprint of the AS2 endpoint of their trading partners. Whenever the SSL certificate is updated, the fingerprint will no longer match, and further AS2 connections will not be allowed. This is sometimes referred to as "certificate pinning". Certificate pinning is not recommended, as it will disrupt AS2 transmissions every time the endpoint certificate changes. Your site's TLS/SSL certificate is used for your AS2 endpoint. By default, Files.com will automatically update your site's TLS/SSL certificates for you, prohibiting the ability to perform certificate pinning. You can implement your own custom TLS/SSL certificate provided that your site is configured with a Custom Domain. However, this certificate will be used by all of your site's services, not just your AS2 endpoint. Consider using a dedicated Child Site if you need a different TLS/SSL certificate for your AS2 service. Certificate pinning of the AS2 endpoint isn't recommended as it nullifies the practice of using fully valid and chained TLS/SSL Certificates. Pinning is typically used as a security workaround for when a trading partner implements a self-signed TLS/SSL certificate for their AS2 endpoint. |
| Trading partner is receiving unsuccessful HTTP response codes | A successful AS2 transmission will return a 200 response code. Other HTTP response codes will indicate the reason for the response. Codes such as 401 and 403 can indicate authentication or permission issues that need to be resolved. Codes such as 502 and 504 can indicate temporary networking issues caused by routers and gateway devices that reside on the network between sender and recipient. AS2 systems should automatically retry transmissions whenever these codes are detected. |
Get Instant Access to Files.com
The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.
Start My Free Trial