Sterling B2B Integrator - Configure Profile Manager

You can configure bank, partner, and user profiles in the Profile Manager.

Profile Manager in Sterling B2B Integrator enables you to configure the following profiles:
  • Bank
  • Partner
  • User
Note: To prevent case insensitivity among various databases, you must provide the profile ID (bank, partner, and user) values in upper-case. If you provide the profile ID values in any other format, Sterling B2B Integrator changes the value to upper-case.

EBICS Server supports creating bank configuration using RSA Keys and X509 Certificates. A bank profile includes the EBICS host information.

Creating RSA Keys
  • Use the openssl tool to create 2 sets of certificates one each for Authentication and Encryption.
  • Use the commands listed below to create the certificates -

openssl genpkey -outform DER -out hostRSAAuthPrivate.key -algorithm RSA -pkeyopt

rsa_keygen_bits:2048

openssl rsa -inform DER -in hostRSAAuthPrivate.key -pubout -out

form DER -out hostRSAAuthPublic.der

openssl pkcs8 -topk8 -inform DER -in hostRSAAuthPrivate.key -out

form DER -nocrypt -out hostRSAAuthPrivate_pkcs8.key

 

  • Move the <KeyName> _pkcs8.key files along with their respective <CertName>.der files to the local file system.
Creating HTTPS Certificate for EBICS Server HTTPS Communication

If a CA issued certificate is available, check in the pfx or p12 file into Trading Partner > Digital Certificates System and the CA root certificate into Trading Partner > Digital Certificates CA.

Alternatively, you can create a self signed certificate under Trading Partner > Digital Certificates System.

Creating EBICS HTTP Server Adapter

Under Deployment > Services > Configuration, search for EBICS HTTP Server Adapter. click Copy, rename it and give the port number on which EBICS Server accepts requests from the EBICS Clients. Under this configuration, select Use SSL to configure the EBICS Server for HTTPS configuration.

In the next page, select the system certificate, which is created during the previous step.

To change the default URI, delete the EBICSRequest and create a custom URI with business process to be run as handleEBICSRequest.

To create a bank profile, complete the following steps:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration menu, select EBICS > Subscription Manager > Profile Manager > Bank Configuration.
  3. In the Bank Configuration page, click Go next to Create New Bank.
  4. In the Bank Configuration page, enter the values for the fields listed in the following table and click Next.
    Field
    Description
    Bank ID (Host ID)Required. Specify a unique ID for the bank in the bank's system.
    Note: You must use the SWIFT-BIC (Bank Identifier Code) format for specifying the bank ID. If you do not specify the bank ID in the recommended SWIFT-BIC format, the Payment Status Report (.PSR) report is not generated.
    Bank NameRequired. Specify the name of the bank.
    Address Line 1Optional. Specify the address of the bank.
    Address Line 2Optional. Specify the address of the bank.
    CityOptional. Pertains to address of the bank. Specify the name of the city.
    State or ProvinceOptional. Specify the name of the state or province.
    Country/RegionOptional. Select the country or region.
    Zip or Postal CodeOptional. Specify the zip code or postal code.
    Time ZoneOptional. Select the time zone.
    E-mail AddressOptional. Specify the e-mail address of the bank.
    Telephone NumberOptional. Specify the phone number with country code and state code.
    Certificate typeRequired. Specify the Certificate type - Keys or X509 as required.
  5. In the Bank Technical Information page, enter the values for the fields listed in the following table and click Next.
    Field
    Description
    Encryption Private CertificateRequired. Specify the key used by the bank to decrypt inbound order data. The key must be a Sterling B2B Integrator system certificate. The bank must distribute the public part of the key to its EBICS partners and users.
    Encryption Public CertificateRequired. Specify the key to enable sending of encrypted requests to the EBICS Banking Server. The key is distributed by the EBICS Banking Server. The bank must distribute the public part of the key to its EBICS partners and users. The key must be a public part of the Sterling B2B Integrator system certificate.
    Authentication Private CertificateRequired. Specify the private key used by the bank to create the digital signature in the response sent to the EBICS partners and users. The partners and users must have the public part of the key to validate the authorization. The key must be a Sterling B2B Integrator system certificate.
    Authentication Public CertificateRequired. Specify the key the bank provides to the user to validate the authorization of the response received from the EBICS Banking Server. The key is distributed by the EBICS Banking Server. The key must be a public part of the Sterling B2B Integrator system certificate.
    Maximum Recovery AttemptsRequired. Specify the number of recovery attempts for a transaction. The default value is 0, which indicates that there is no recovery.
    Maximum No. of Sign AllowedRequired. Specify the maximum number of personal signatures allowed for each order type or file format in the contract. The default value is 2. If the value is set to 0, no personal signature is required for the contracts of the bank.
    Allow PrevalidationOptional. Select this check box to allow preliminary verification of the account authorization, account limit, Electronic Signature, and other data, which are a part of the first transaction step. By default, this option is selected.
    Support Client DownloadOptional. Client Data Download. Select this check box to support the order types HKD and HTD.
    Support Order DownloadOptional. Downloadable order data. Select this check box to support the order type HAA.
    Support X509DataOptional. Select this check box to support X.509 data. By default, this option is selected.
    Note: This is valid only for X509 certificate type.
    Persist X509DataOptional. Select this check box to persistently store the user's X.509 data on the server. By default, this option is selected.
    Note: This is valid only for X509 certificate type.
    Note: If you select Certificate type as Keys, then you must use the keys generated using the openSSL tool for Encryption and Authentication of private or public keys.
  6. In the Bank URL page, perform any of the following actions:
    • Click add to add a new bank URL.
    • Click edit next to the bank URL you want to edit.
    • Click delete next to the bank URL you want to delete.
  7. This step is applicable only if you opted to add a new bank URL. In the Bank URL: Details page, specify values for the fields listed in the following table, and click Next.
    Field
    Description
    Bank URLRequired. Specify the HTTP URL the bank will host. A bank can have multiple URLs with a minimum of one. The bank URL is given to a user for the user to send requests to the bank. The Uniform Resource Indicator (URI) is configured in the HTTP Server adapter to listen at the port, and receive EBICS requests, if any.
    Note: Each bank ID should have a unique port number or URI.
    Valid FromOptional. Specify the date from which the URL or IP is valid in the MM/DD/YYYY format. Click the calendar icon to select the date.
  8. In the Bank Protocol page, perform any of the following actions:
    • Click add to add a new bank protocol.
    • Click edit next to the bank protocol you want to edit.
    • Click delete next to the bank protocol you want to delete.
  9. This step is applicable only if you opted to add a new bank protocol. In the Bank Protocol: Details page, specify the values for the fields listed in the following table, and click Next.
    Field
    Description
    Protocol VersionRequired. Select the schema version relevant to the supported EBICS version. Valid values are H004, H003 and H000. The default value is H003.
    Release VersionThe EBICS version supported by the bank and associated with the protocol version specified, is displayed.
  10. This step is applicable only if you added a new bank protocol. In the Bank Protocol: Bank Process page, perform any of the following actions:
    • Click add to add a new bank process.
    • Click edit next to the bank process you want to edit.
    • Click delete next to the bank process you want to delete.
  11. This step is applicable only if you opted to add a new bank process. In the Bank Process: Details page, specify the values for the fields listed in the following table, and click Next.
    Field
    Description
    TypeRequired. Select the process type. Valid values are:
    • Encryption
    • Signature
    • Authentication
    VersionRequired. Select the process version.
    • If you selected Encryption as the process type, the valid value is E002.
    • If you selected Signature as the process type, the valid values are A005 and A006.
    • If you selected Authentication as the process type, the valid value is X002.
  12. In the Bank Protocol: Bank Process page, click Next.
  13. In the Confirm page, verify the bank configuration settings.
    • Click Show All next to Bank URL Information to view the Bank URL settings.
    • Click Show All next to Bank Protocol Information/Bank Process Information to view the Protocol version, Release version, Bank Process type and Bank Process version.
    After verifying the bank configuration settings, click Finish.

You can search for a bank profile from under the Administration menu by Bank ID (Host ID).

To search for a bank profile, complete the following steps:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration menu, select EBICS > Subscription Manager > Profile Manager > Bank Configuration.
  3. In the Bank Configuration page, perform one of the following actions, and click Go.
    • Under Search in the Bank ID (Host ID) field, enter either a part of the bank ID or the entire bank ID of the bank profile you are searching for.
    • From the List Alphabetically drop-down list, select ALL or the letter with which the ID of the bank you are searching for begins. Selecting ALL lists all the bank IDs.

EBICS Server supports RSA Keys and X509 Certificates. A bank profile includes the EBICS host information.

To edit a bank profile, complete the following steps:

  1. Log in to Sterling B2B Integrator.
  2. From the Administration menu, select EBICS > Subscription Manager > Profile Manager > Bank Configuration.
  3. In the Bank Configuration page, using either Search or List, locate and select the Bank ID (Host ID) you want to edit, and click Go.
  4. Click edit next to the bank ID you want to edit.
  5. In the Bank Configuration page, enter the values for the fields listed in the following table and click Next.
    Field
    Description
    Bank NameRequired. Specify the name of the bank.
    Address Line 1Optional. Specify the address of the bank.
    Address Line 2Optional. Specify the address of the bank.
    CityOptional. Specify the name of the city.
    State or ProvinceOptional. Specify the name of the state or province.
    Country/RegionOptional. Select the country or region.
    Zip or Postal CodeOptional. Specify the zip code or postal code.
    Time ZoneOptional. Select the time zone.
    E-mail AddressOptional. Specify the e-mail address of the bank.
    Telephone NumberOptional. Specify the phone number with country code and state code.
    Certificate typeRequired. Specify the Certificate type - Keys or X509 as required.
  6. In the Bank Technical Information page, enter the values for the fields listed in the following table and click Next.
    Field
    Description
    Encryption Private CertificateRequired. Specify the key used by the bank to decrypt inbound order data. The key must be a Sterling B2B Integrator system certificate. The bank must distribute the public part of the key to its EBICS partners and users.
    Encryption Public CertificateRequired. Specify the key to enable sending of encrypted requests to the EBICS Banking Server. The key is distributed by the EBICS Banking Server. The bank must distribute the public part of the key to its EBICS partners and users. The key must be a public part of the Sterling B2B Integrator system certificate.
    Authentication Private CertificateRequired. Specify the private key used by the bank to create the digital signature in the response sent to the EBICS partners and users. The partners and users must have the public part of the key to validate the authorization. The key must be a Sterling B2B Integrator system certificate.
    Authentication Public CertificateRequired. Specify the key the bank provides to the user to validate the authorization of the response received from the EBICS Banking Server. The key is distributed by the EBICS Banking Server. The key must be a public part of the Sterling B2B Integrator system certificate.
    Maximum Recovery AttemptsRequired. Specify the number of recovery attempts for a transaction. The default value is 0, which indicates that there is no recovery.
    Maximum No. of Sign AllowedRequired. Specify the maximum number of personal signatures allowed for each order type or file format in the contract. The default value is 2. If the value is set to 0, no personal signature is required for the contracts of the bank.
    Allow PrevalidationOptional. Select this check box to allow preliminary verification of the account authorization, account limit, Electronic Signature, and other data, which are a part of the first transaction step. By default, this option is selected.
    Support Client DownloadOptional. Client Data Download. Select this check box to support the order types HKD and HTD.
    Support Order DownloadOptional. Downloadable order data. Select this check box to support the order type HAA.
    Support X509DataOptional. Select this check box to support X.509 data. By default, this option is selected.
    Note: This is valid only for X509 certificate type.
    Persist X509DataOptional. Select this check box to persistently store the user's X.509 data on the server. By default, this option is selected.