Sterling B2B Integrator - Configuration Prerequisites

You must configure the prerequisites that access Sterling B2B Integrator before using EBICS Client.

  1. Check in the public and private part of the certificates into the System and Trusted store of Sterling B2B Integrator. Check in the required Certificate Authority (CA) certificates into the CA store of Sterling B2B Integrator or create a self-signed certificate.
    The following types of certificates are used for configuring a user:
    • Identification and authentication
    • Encryption
    • Signing
  2. From the Identities menu of Sterling B2B Integrator, create an identity record for your organization, indicating your organization as the base identity.
    This identity name should correspond to the EBICS partner name.
  3. From the User Accounts menu of Sterling B2B Integrator, create a User Account and assign permissions to the user.
    The user name should correspond to the EBICS user name.
  4. Configure an adapter (such as File system adapter, HTTP(S) adapter, SFTP adapter, FTP(S) adapter) in Sterling B2B Integrator, that enables you to send and receive files and invokes the EBClientOrderPreProcess business process. For example, configure a File System Adapter to invoke the EBClientOrderPreProcess business process.
  5. Configure the following mailboxes and associate them with each user.
    • EBClientOrderMetadata (preconfigured)
    • Download (Inbox)
    • Upload (Outbox)
  6. Verify that the EBClientMailboxArrivedMessage business process is associated with the EBClientOrderMetadata Mailbox. The automatic routing rule triggers the business process to perform automated functions, such as notifying an interested party about an incoming message in the mailbox.
    Note: It is recommended that you do not modify the existing configuration for EBICS Client routing rules. Modifying the routing rule configuration may create duplicate subsets and duplicate orders for an order submission.
  7. Ensure that the MailboxEvaluateAllAutomaticRulesSubMin Schedule is enabled.

A trading partner is represented by an identity record. An identity record describes the trading partner and contains information referenced when a business process involving trading partners is run.

For more information about identity record and trading partner, see the Sterling B2B Integrator Trading Partner Management documentation. To create an identity record:
  1. Log in to Sterling B2B Integrator.
  2. From the Administration Menu, select Trading Partner > Advanced > Identities.
  3. Under Create, next to New Identity, click Go!
  4. On the Identities page, do one of the following:
    • To create an identity record that inherits all the components of an existing trading profile, select an identity record from Select Base Identity, and click Next.
    • To specify properties, leave Select Base Identity blank, and click Next.
  5. Specify the Information settings.
    On the Information page, complete the following fields and click Next:
    Information Fields
    Description
    NameRequired. Name for the identity record to create for this trading profile.
    Reference URLOptional. Uniform Resource Locator (URL) is the Internet address of the trading partner.
    DUNSOptional. Data Universal Numbering System (DUNS) is a unique nine-character company identification number issued by Dun & Bradstreet Corporation.
    IdentifierRequired. Primary ID of this identity record. It could be a DUNS number, EDI interchange ID, e-mail address, or another unique string.
    Address Line 1Required. Conventional mailing address of the trading partner organization.
    Address Line 2Optional. Additional mailing address information of the trading partner organization.
    CityRequired. City where the trading partner is located.
    State or ProvinceOptional. State or province where the organization of the trading partner represented by the identity is located.
    Zip or Postal CodeRequired. ZIP or postal code where the trading partner is located.
    E-mail AddressOptional. E-mail address of the trading partner.
    Telephone NumberOptional. Telephone number of the trading partner.
    Time ZoneOptional. Time zone where the trading partner is located.
    CountryOptional. Country where the trading partner is located.
  6. Click Finish to add the identity.
  7. Click Return to continue.

You can create user accounts from the Administration menu.

Before you begin, you need to know whether you are using local or external authentication:

  • Local – Authentication is completed against the application database (default).
  • External – Authentication is completed against an LDAP server. External authentication does not require the LDAP adapter, which is used with business processes and enables the system to communicate with local or remote LDAP servers using a Java Naming Directory Interface (JNDI).

If you are assigning one or more Authorized User Keys to this account, the keys must be obtained from your trading partner and checked in before creating the user account.

You also need to know the following information:

Table 1. create user accounts

Field

Description

User ID

Required. User ID for the user account you are creating. The user ID must be at least 5 characters long.

For the MySQL database only, the login is not case sensitive. You should always use uniquely spelled IDs, so that one user does not accidentally use another user's ID.

Password (Local Authentication only)

Required for local users. Password for the user account you are creating. The password must be at least 6 characters long. This field does not display for external users.

Confirm Password (Local Authentication only)

Required for local users. Type the password a second time. This field does not display for external users.

Policy (Local Authentication only)

Optional. Password policy to associate with this user account. From the list, select from the policy you want to associate. This field does not display for external users.

The system calculates the expiration date from the first date that the user logs on with this password.

Authentication Host (External Authentication only)

The Lightweight Directory Access Protocol (LDAP) server on which the user is being authenticated. The server or servers listed in this field are specified in the authentication_policy.properties.in file.

Session Timeout

Required. Amount of time in minutes that you can be inactive before you have to log in again. Time is in minutes.

Accessibility

Optional. Portion of the dashboard user interface that the user account has access to.

The following are accessibility options:
  • Admin UI – Accesses the Admin Console pane in the dashboard only.
  • AS2 UI – Accesses the AS2 Edition interface only.
  • UCCNET UI – Access to the UCCnet Edition interface only.
  • Dashboard UI – Accesses dashboard interface. Refine by choosing a Dashboard Theme.

Dashboard Theme

Required if accessibility is set as Dashboard UI. Predefined dashboard that the user account has access to.

The following are dashboard theme options:
  • Default
  • Operator
  • Participant
  • Participant Sponsor
  • Sponsor
  • AFT

Given Name

Required. Name used to identify the user.

Surname

Required. User's last name.

E-mail

User's e-mail address.

Pager

User's pager number.

Preferred Language

User's preferred language. Select from: English, French, Japanese, or Spanish.

Manager ID

User ID of the user's manager.

Identity

Identity of the trading partner to associate with the user account. Only one trading partner can be associated with a user account. A user account can be associated with many groups, each with its own trading partner identity association. This enables a user account to be associated with more than one trading partner. The Identity field is used for routing messages in Mailbox. Select a trading partner identity from the list.

The default value is Hub Organization.

For more information about creating users and assigning permissions to users, see the Sterling B2B Integrator Security documentation.

To create a user account:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration Menu, select Accounts > User Accounts.
  3. Next to Create a new Account, click Go!
  4. In the New Account page, select the Authentication Type.
  5. Enter the User ID and Password.
  6. Confirm the Password.
  7. Select the Policy.
  8. Enter the Session Timeout.
  9. Select the Accessibility.
  10. Select the Dashboard Theme.
  11. Click Next.
  12. On the SSH Authorized User Key page, assign one or more public keys. Move the keys from the Available pane to the Assigned pane and click Next.
  13. On the Groups page, assign groups of permissions. Move the group names from the Available pane to the Assigned pane and click Next.
  14. On the Permissions page, assign individual permissions. Move the permissions from the Available pane to the Assigned pane and click Next.
    By default, the permissions associated with the groups that this user is assigned to are already selected.
  15. On the User Information page, enter the Given Name.
  16. Enter the Surname.
  17. Enter the E-mail address.
  18. Enter the Pager number.
  19. Select the Preferred Language.
  20. Enter the Manager ID.
  21. Select the Identity.
  22. Click Next.
  23. Review the user account settings.
  24. Click Finish.
    The user account is created and this message is displayed:
    The system update completed successfully.
    If you created an external user, log out of the system, and then log back in with the external user ID or account. The system authenticates the external user ID on the external LDAP server.

Use the File System adapter to collect (import) files from a file system into a business process and extract (export) files from a business process to a file system.

You can configure the File System adapter to start a business process after files are collected from the file system or include the File System adapter in a business process flow. In addition, you can schedule the File System adapter to run at specific time intervals.

You can create multiple File System adapter configurations, one for each of several collection folders. Alternatively, you can use a single File System adapter configuration to point to different directories by specifying the directories for file collection and extraction in a business process. For more information about configuring the File System Adapter, see the File System Adapter documentation.

Configure the File System Adapter to invoke the EBClientOrderPreProcess business process.

To create a File System adapter configuration, specify field settings in Sterling B2B Integrator and in the Graphical Process Modeler (GPM).

The following table describes the fields used to configure the File System adapter in the Sterling B2B Integrator.

Note: The field names in parentheses represent the corresponding field names in the GPM. This information is provided for your reference.
Field
Description
NameRequired. Unique and meaningful name for the service configuration.
DescriptionRequired. Meaningful description for the service configuration, for reference.
Select a groupGroup to associate with the adapter. Valid values:
  • None: No group is selected.
  • Create New Group: Allows the creation of a new group.
  • Select Group: Select from a list of available groups.
Collection folder (collectionFolder)Required. The name of the folder or subfolder on the same computer where Sterling B2B Integrator is installed and where it collects (or picks up) files as part of a business process. If the path for the folder is not included as part of the name, the folder is assumed to be in the Sterling B2B Integrator working directory.
Note:
  • The deleteAfterCollect parameter in the GPM defaults to Yes. If you do not change the default value to No, files that are collected are deleted from the Collection Folder. The File System adapter does not copy the files it collects for processing. See Graphical Process Modeler Configuration for information about the deleteAfterCollect parameter.
  • The collectionFolder parameter is read-only in the GPM. However, you can override this parameter using Business Process Modeling Language (BPML).
Filename filter (filter)Optional. Collect only files that match a specified filter within the collection folder. Examples include:
  • *.txt (collects only .txt files).
  • *.dat (collects only .dat files).
  • EDI.* (collects only files named EDI with any file extension).
  • EDI.txt (collect only files named EDI with a file extension of .txt).
Note: If there are multiple files in the collection folder and you leave this field blank, one of the following occurs:
  • If the adapter is configured to start a business process, it processes all files placed in the collection folder.
  • If the adapter is within a business process, it collects only the first file in the collection folder.
Note: If you specify this option using the File System adapter configuration, you cannot override the value using the GPM filter parameter. However, you can override this parameter using BPML.
Collect files from subfolders within and including the collection folder? (useSubFolders)Required. Whether to scan for files in subfolders of the collection folder. Valid values:
  • Yes: Collects files in the specified folder and all subfolders.
  • No: Collects files in the specified folder only.
Note: This parameter is read-only in the GPM.
Use the absolute file path name for the document name? (keepPath)Required. Whether to keep the absolute path name of the files collected when assigning the document name. Valid values:
  • Yes: The absolute file path name is kept with the document in the business process. Choose this value if your business process requires the path information to precede the file name.
  • No: Only the file name is kept with the document in the business process.
Note: An absolute path is a path that points to the same location regardless of the working directory or combined paths. It is written in reference to a root directory. For example, c:\dir1\subdir1\somefile.txt (Windows) and /home/dir1/subdir1/somefile.txt (UNIX) are examples of absolute paths to the file somefile.txt.
Note: This parameter is read-only in the GPM.
Start a business process once files are collected? (bootstrap)Required. Whether to start a business process using the File System adapter after files are collected. Valid values:
  • Yes: Starts the business process specified from the business process drop-down list for every file that matches the filtering criteria. An instance of the business process is started for every file that matches the filtering criteria specified for file collection until the number of threads specified on the maxThreads parameter is reached.
  • No: No business process is started. This parameter is read-only in the GPM.
Business Process (initialWorkFlowId)Required when Start a business process is set to Yes. The business process to start after files are collected. Select EBClientOrderPreProcess from the Business Process drop-down list.
Note: This field displays as an option only if Start a business process once files are collected is set to Yes. If you specify a business process using the configuration, you cannot override this value using the GPM initialWorkFlowId option. If you select Not Applicable, a business process can be selected in the GPM. In either case, you can override this parameter using BPML.
Document storage type (docStorageType)Required. Defines how the document is stored in the system. Valid values:
  • System Default.
  • Database.
  • File System.
Note: This field only displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM DocStorageType option. However, you can override this parameter using BPML.
Obscure File Contents? (obscure)Specifies whether to obscure the file contents when collecting. Does not work with attachFile or importFile.
  • Yes: File contents are obscured.
  • No: File contents are not obscured.
Note: This field only displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM Obscure option. However, you can override this parameter using BPML.
User Parameter 1 (userParm1)A user parameter that is passed to the bootstrapped workflow and placed in process data as UserParm1.
Note: This field displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM userParm1 option. However, you can override this parameter using BPML.
User Parameter 2 (userParm2)A user parameter that is passed to the bootstrapped workflow and placed in process data as UserParm2.
Note: This field displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM userParm2 option. However, you can override this parameter using BPML.
User Parameter 3 (userParm3)A user parameter that is passed to the bootstrapped workflow and placed in process data as UserParm3.
Note: This field displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM userParm3 option. However, you can override this parameter using BPML.
User Parameter 4 (userParm4)A user parameter that is passed to the bootstrapped workflow and placed in process data as UserParm4.
Note: This field displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM userParm4 option. However, you can override this parameter using BPML.
User Parameter 5 (userParm5)A user parameter that is passed to the bootstrapped workflow and placed in process data as UserParm5.
Note: This field displays as an option only if Start a business process once files are collected is set to Yes. If you specify this parameter using the configuration, you cannot override this value using the GPM userParm5 option. However, you can override this parameter using BPML.
Run As UserApplies to the scheduling of the business process. The Run As User field displays as an option only if Start a business process once files are collected is set to Yes. Type the user ID to associate with the schedule, or click the list icon and select a user ID from the list. Valid value is any authentic Sterling B2B Integrator user ID.
Note: This parameter allows someone who does not have rights to a specific business process to run it. If you select Admin as the user ID, you inherit administrative rights (for this run of the business process only), and can enable the scheduled run.
Use 24 Hour Clock DisplayIf selected, the adapter uses the 24-hour clock instead of the default 12-hour clock.
ScheduleInformation about scheduling the business process after the File System adapter collects files. The Schedule field displays as an option only if Start a business process once files are collected is set to Yes. Valid values:
  • Do not use schedule.

    If you select this field, the adapter does not start a business process and does not run on a schedule.

  • Run based on timer.

    Valid values are the hour and minutes that specify when to run the adapter. If you choose to select a time interval, the valid values are the hour and minutes for the intervals. Add or delete selections as necessary. Specify any date exclusions. Indicate whether you want the adapter to run at startup.

  • Run daily.

    Valid values are the hour and minutes that specify when to run the adapter daily. If you choose to select a time interval, the valid values are the hour and minutes for the interval. Add or delete selections as necessary. Specify any date exclusions. Indicate whether you want the adapter to run at startup.

  • Run based on days of the week.

    Valid values are the day of the week, the hour, and minutes that specify when to run the adapter. If you choose to select a time interval, the valid values are the hour and minutes for the intervals. Add or delete selections as necessary. Specify any date exclusions.

  • Run based on days of the month.

    Valid values are the day of the month, hour, and minutes that specify when to run the adapter. If you choose to select a time interval, the valid values are the hour and minutes for the intervals. Add or delete selections as necessary. Specify any date exclusions.

Extraction folder (extractionFolder)Required. The name of the folder or subfolder on the same computer where Sterling B2B Integrator is installed and where it extracts (or writes) data from the primary document as part of a business process. If you do not include the file path for the folder as part of the name, the folder is assumed to be the Sterling B2B Integrator working directory.
Note: This parameter is read-only in the GPM.
Unobscure File Contents? (unobscure)Whether to unobscure the file contents when extracting. Does not work with exportFile. Valid values:
  • Yes: File contents are unobscured.
  • No: File contents are not unobscured.
Note: This parameter is read-only in the GPM.
Filenaming convention (assignFilename)Required. Whether to override the document file name and use the assigned file name or not. Valid values:
  • Use the original file name as the extracted file name: Keeps the names of the files.
Note: If the primary document has no document name, the adapter uses a default filename in the form of nodename_yyyyMMddHHmmssSSS.dat.
  • Assign a specific name: Gives you the option to navigate to a screen and specify a different filename for the file extracted to the file system.
Note: This parameter is read-only in the GPM.
Filename (assignedFilename)Required. File name you want to assign, including the file name extension. The Filename field displays onlyif the Filenaming convention is set to assign a specific name. This field cannot be left blank. You can use “%^” to assign a unique file name in the format nodename_yyyyMMddHHmmssSSS.
For example, specifying %^.dat as the Filename assigns the name nodename_20040203114020982.dat to the file.
Note: This field can also be assigned in the GPM. If you select a filename using the File System adapter configuration, you cannot override it using the GPM assignedFilename parameter. However, you can override it using BPML.
Enable Service for Business ProcessesWhether to enable the service for use by business processes. If not selected, the service is disabled. For more information about enabling a service, see Managing Services and Adapters.

You must associate each EBICS Client user with the preconfigured EBClientOrderMetadata mailbox.

You must create a Download (Inbox) and an Upload (Outbox) mailbox and associate each user with the mailboxes.

For more information about configuring mailboxes and assigning permissions to groups and users, see the Sterling B2B Integrator Mailbox Help documentation.

To create a mailbox and assign permissions to groups and users to operate on this mailbox:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration Menu , select Deployment > Mailboxes > Configuration.
  3. Next to Create a new Mailbox, click Go!
  4. In the Mailbox: Name page, select the parent mailbox in which the mailbox you are creating is embedded. You can type a partial name in the Filter by Name field and click the filter button for a filtered list.
    The root mailbox is denoted by a slash (/).
  5. In the Name field, type a name for the mailbox you want to create.
    This name is used to identify the mailbox in the Application, for example, EBClientOrderMetadata.
  6. Required. In the Description field, type a short description for the mailbox and click Next.
    Use this field to describe the mailbox. This field is not used by any other resource in the system.
  7. In the Assign Groups page, use the arrows to add the groups to the Selected Groups list and click Next.
    All groups in the Selected Groups list will have permissions on this mailbox. Click the first double arrow to add all available groups to the Selected Groups list.
  8. In the Filter by Name field, type a partial group name in the field and click the filter button for a filtered list.
  9. In the Accounts menu, multiple groups can be added. No groups are required.
  10. Use the arrows to add users to the Selected Users list and click Next.
    All users in the Selected Users list will have permissions on this mailbox. Click the double arrow to add all available users to the Selected Users list.
  11. In the Filter by ID field, type a partial name in the field and click the filter button for a filtered list.

Enabling a schedule makes the schedule active and causes the associated activity to run according to the schedule settings. A schedule must be enabled in order to run.

For more information about setting up schedules to automate manual activities, see the Sterling B2B Integrator Scheduling documentation.

The MailboxEvaluateAllAutomaticRulesSubMin schedule is automatically enabled.

Use the following procedure to enable a schedule:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration Menu, select Deployment > Schedules.
  3. Use Search or List to locate the MailboxEvaluateAllAutomaticRulesSubMin schedule and click Go!
  4. On the Schedules page, locate the MailboxEvaluateAllAutomaticRulesSubMin schedule and ensure that the check box in the Enabled column is selected.

You can create a self-signed certificate from the Administration menu.

Check in the public part of the self-signed certificate into the Trusted store of Sterling B2B Integrator. To create a self-signed certificate:

  1. Choose one of the following options:
    • If you use Sterling B2B Integrator, from the Administration Menu, select Trading Partner > Digital Certificates > System.
    • If you use the AS2 Edition, from the AS2 Administration menu, select Certificates.
  2. Next to Create Self-signed Certificate, click Go!
  3. Enter the Name of the self-signed certificate.
  4. Enter the name of the Organization.
  5. Select the Country or origin of the self-signed certificate.
  6. Enter a contact e-mail address for the person responsible for certificates in the organization and then click Next.
  7. Enter the Serial Number for the certificate.
    The serial number is the number you want to assign to the self-signed certificate.
  8. Enter the Duration (number of days) that the self-signed certificate is valid.
  9. Enter the IP addresses of the network interfaces you want to associate with the certificate as the SubjectAltName field.
  10. Enter the DNS Names of the network interfaces you want to associate with the certificate as the SubjectAltName field.
  11. Select the Key Length. Select one of the following key lengths:
    • 512
    • 1024
    • 2048
    Note: The key length 1024 provides a good balance between security, interoperability, and efficiency. The key length 2048 is the most secure, but also the slowest, and may not work with some applications. For information about defining EBICS-specific key lengths for electronic signature, encryption, and authentication, see EBICS Specification, version 2.5.
    Note: If you select the key length 512, you must check for JDK restrictions on the key length in the java.security file in the JDK. Else, protocol communication might fail during run time.
  12. Select the Signing Algorithm.
    Note: You must use the SHA256withRSA signing algorithm for certificates used with EBICS transactions.
  13. Select the Validate When Used option. Validation options are:
    • Validity – Verifies dates in the validity period of the certificate are still in effect. If the dates are not in effect, the certificate is not used.
      Note: Before you set a value to the validity period of the certificate, you must read and apply the best practice recommendations from the Microsoft PKI Quick Guide. For information about the best practice recommendations for using certificates, see http://www.windowsecurity.com/articles/Microsoft-PKI-Quick-Guide-Part3.html.
    • Auth Chain – Constructs a chain of trust for certificates that are not self-signed. If a chain of trust cannot be constructed using valid certificates, the certificate is not used. If the certificate is self-signed, this option verifies only the certificate signature.
  14. Set the Certificate Signing Bit by selecting the check box.
  15. Click Next.
  16. Review the information about the self-signed certificate.
  17. Click Finish.

Based on security policies at your site, Certificate Authority (CA) certificates in the Java Key Store (JKS) can also be checked in through the console.

Before you begin, save any CA certificates that you obtained externally to a local file.

Check in all the certificates (identification and authentication, signing, and encryption) the EBICS Client user requires to transact with the bank. If a CA-signed certificate is used for configuring a user, then check in the Root CA certificate. If 3SKey is used for signing, then check in the Root 3SKey certificate. Check in the public part of the HTTPS certificate of the server into the CA store of Sterling B2B Integrator. For more information about managing digital certificates, see the Sterling B2B Integrator Security documentation.

To check in a CA certificate:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration Menu, select Trading Partner > Digital Certificates > CA.
  3. Next to New Certificate, click Go!
  4. Select a method to import certificates:

    Import method

    Next Steps

    Import from JVM – Imports from the JKS keystore

    1. Click Import from JVM.
    2. Accept the default password that appears in the password field and click Next.

    If the password field is empty, the system still uses the default password.

    Import from File – Imports certificates saved as a file on a local drive

    1. Click Import from File.
    2. Enter the file name or click Browse to select a CA certificate file. Click Next.

    You may ignore the password that is displayed in the password field. There is no need to erase the entry.

    Available certificates are listed with a summary of identifying information. All certificates are selected by default.

  5. Select the check boxes to the left of each entry to import the certificates.
  6. For each certificate selected, accept the suggested Certificate Name or edit it based on your file naming conventions.
  7. Select the Validate When Used option and click Next. Validation options are:
    • Validity – Verifies dates in the validity period of the certificate are still in effect. If the dates are not in effect, the certificate is not used.
    • Auth Chain – Attempts to construct a chain of trust for certificates that are not self-signed. If a chain of trust cannot be constructed using valid certificates, the certificate is not used. If the certificate is self-signed, this option verifies only the certificate signature.
  8. If you receive a message stating that the certificate duplicates a certificate already in the database, enter Y or N to indicate whether to import the duplicate or not.

    This check is done on single certificates only. It does not take place when checking in one or more certificates from a file.

    Certificates are identified by SHA1 or SHA256 hash for purposes of determining duplicates. More than one copy of a certificate can be present in the database, since each certificate populates a different row and has a distinct object ID. The existing certificate is not overwritten.

  9. Review the CA certificate information.
  10. Click Finish.

You can check in a trusted system certificate from the Administration menu.

Check in the public part of the user's certificate into the Trusted store of Sterling B2B Integrator.

Before you begin, save the trusted system certificate to a file on your local computer.

To check in a trusted system certificate:

  1. Choose one of the following options:
    • If you use Sterling B2B Integrator, from the Administration Menu, select Trading Partner > Digital Certificates > Trusted.
    • If you use the AS2 Edition, from the AS2 Administration Menu, select Certificates.
  2. Next to New Certificate, click Go!
  3. Enter the Filename or click Browse to select the file name of the trusted certificate and then click Next.
  4. Enter the Certificate Name.
  5. Verify the name of the trusted certificate you are checking in.
    For each certificate you selected, the Certificate Name field shows a suggested name, followed by a summary of the identifying information in the certificate. You can change the name based on your file naming conventions.
  6. If you have more than one trusted certificate contained in the file you selected, select the check box to the left of each certificate to check in the certificate.
  7. Select the Validate When Used option and click Next. Validation options are:
    • Validity – Verifies dates in the validity period of the certificate are still in effect. If the dates are not in effect, the certificate is not used.
    • Auth Chain – Attempts to construct a chain of trust for certificates that are not self-signed. If a chain of trust cannot be constructed using valid certificates, the certificate is not used. If the certificate is self-signed, this option verifies only the certificate signature.
    • CRL cache – Controls whether the Certificate Revocation List is consulted each time the system certificate is used.
  8. Review the trusted certificate information.
  9. Click Finish.

You can check in a key system certificate from the Administration menu.

Before you begin, save the key system certificate to a file on your local computer. Check in the private part of the CA-signed certificates into the Key system certificates of Sterling B2B Integrator.

To check in a key system certificate:

  1. Choose one of the following options:
    • If you use Sterling B2B Integrator, from the Administration Menu, select Trading Partner > Digital Certificates > System.
    • If you use the AS2 Edition, from the AS2 Administration menu, select Certificates.
  2. Next to Key Certificate, click Go!
  3. Enter the Certificate Name.
  4. Enter the Private Key Password.
    This password is used to encrypt the private key.
  5. Enter the Filename or click Browse to select the file name of the key certificate and click Next.
  6. Select the Validate When Used option and click Next. Validation options are:
    • Validity – Verifies dates in the validity period of the certificate are still in effect. If the dates are not in effect, the certificate is not used.
    • Auth Chain – Constructs a chain of trust for certificates that are not self-signed. If a chain of trust cannot be constructed using valid certificates, the certificate is not used. If the certificate is self-signed, this option verifies only the certificate signature.
  7. Review the key certificate information.
  8. Click Finish.

Previous Topic

Sterling B2B Integrator - Install EBICS Client Module Manually

Parent Topic

Sterling B2B Integrator - EBICS Client User

Next Topic

Sterling B2B Integrator - Configuring EBICS Client

Thank you for submitting your details.

For more information, Download the PDF.

Thank you for the Registration Request, Our team will confirm your request shortly.

Invite and share the event with your colleagues 

IBM Partner Engagement Manager Standard

IBM Partner Engagement Manager Standard is the right solution
addressing the following business challenges

IBM Partner Engagement Manager Standard

IBM Partner Engagement Manager Standard is the right solution
addressing the following business challenges

IBM Partner Engagement Manager Standard

IBM Partner Engagement Manager Standard is the right solution
addressing the following business challenges

Pragma Edge - API Connect