DirectLine for Business AS2 USER GUIDE

Transcription

1 DirectLine for Business AS2 USER GUIDE

2 Contents BMO AS2 Service...1 Introduction... 1 Overview... 1 ICS AS2 Mailbox User... 2 AS2 Mailbox Service Setup...3 Before You Begin... 3 Connectivity Testing... 3 Inbound (to BMO) Mail Slots...3 Outbound (from BMO) Mail Slots... 4 Appendix A AS2 Services Client Questionnaire...5 Appendix B - Definitions...8 File encoding... 8 Other definitions... 8 Use of DirectLine for Business is subject to applicable agreements. i DirectLine is a registered trade-mark of Bank of Montreal. Other products and services not listed above are trademarks, service marks, or registered trademarks of their respective companies. Interchange services is a service mark of GXS, Inc. BMO-FG-GXS-AS

3 BMO AS2 Service INTRODUCTION This guide explains how to configure your system to allow secured communication over the Internet via Applicability Statement 2, or AS2, with a client (third party software) and to begin exchanging files and reports with BMO Bank of Montreal (BMO). This service is provided in conjunction with Global exchange Services, Inc. (GXS). AS2 is a second-generation specification that is designed to be a secure method of transmitting business documents over the Internet using HTTP. The EDIINT (EDI over the Internet) Working Group of the Internet Engineering Task Force (IETF) developed the AS2 protocol. BMO s AS2 service is an AS2-compliant, Drummond Group /UCCnet certified system for sending and receiving EDI, XML, and other proprietary documents. This service is designed to interoperate efficiently with other external AS2 Drummond Group/UCCnet certified systems. The AS2 service supports both inbound and outbound data processing. It also allows both standard and secure connections using the Internet Security Facility. OVERVIEW BMO s AS2 service allows you to exchange various Cash Management files and reports over the Internet using the AS2 protocol, while providing security and authentication of document receipt. Security and encryption of the documents is provided using S/MIME Version 3, an IETF standard defined in RFC If you have existing AS2 software, the AS2 service allows you to leverage that software and connect to BMO. To use AS2 service, BMO will provide you with a mailbox and password in order to send and receive documents. If you do not have certified AS2 software, software can be provided at additional cost. PAGE 1 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

4 ICS AS2 MAILBOX USER As an AS2 mailbox user, you use AS2 as the transport method to exchange data with BMO. Inbound Data to the BMO: When you want to send data to BMO, your AS2 software will encrypt the data, add the digital signature, and send the data out across the Internet to the GXS AS2 service ( The GXS AS2 web server receives your data, validates the sender, authenticates the data through the digital signature, decrypts the data, and routes the data to BMO. Outbound Data from BMO: When BMO sends files or reports to your mailbox, the GXS AS2 service will encrypt the data, add digital signatures, and send the data out across the Internet to your AS2 server. Picture 1 PAGE 2 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

5 AS2 Mailbox Service Setup BEFORE YOU BEGIN The items listed below are required before you begin the setup. 1. Obtain a Security Certificate from one of the authorized providers. Authorized providers are: Verisign, Inc. Digital Signature Trust SM While it is strongly recommended that you use a 3 rd party certificate, we will also accept self-initiated certificates. The certificate may be a business or personal level certificate. 2. Obtain AS2 client software. Our service requires the use of a Drummond Group/UCCnet certified client. (Go to 3. Obtain your mailbox ID, password, and contact information. The BMO Implementation Specialist (IS) will provide this information, once implementation has started. CONNECTIVITY TESTING Follow the steps below to set up an AS2 mailbox. 1. Install and setup your AS2 client software. 2. An IS will contact you to exchange security certificate information (public key), and to obtain your AS2 listener URL for use in the AS2 setup on the service. We will install your filename.p7c certificate (public key) on the GXS side to facilitate the encryption. You will install the GXS.P7C certificate (public key) on your system (AS2 client software) to enable encryption on your side. 3. Once the certificates are installed on each side, an IS will schedule a test to ensure that connectivity has been setup successfully. 4. IS will confirm your inbound and outbound trading relationships (mail slots) with you. INBOUND (TO BMO) MAIL SLOTS Once you have been set up you can send files to BMO from your mailbox. In order to send files you must know your mail slots. Depending on the number of services with us, you may have more than one inbound mail slot. Your inbound mail slot consists of the following: Application name provided by IS; Application document type provided by IS; File encoding provided by you when implementation was requested. PAGE 3 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

6 When you are sending an Electronic Funds Transfer (EFT) file to BMO, your inbound trading relationship will look as follows: DEFT-DEFT80-A where DEFT is application name, DEFT80 is document type, A is encoding. The above mail slot means that you can send BMO 80 byte EFT files in ASCII format. Please work with your IS to get details of all of your inbound trading relationships. IMPORTANT: AS2 requires a separate AS2 ID for each mail slot. IS will provide you with the AS2 Ids for each inbound mail slot. This will allow you to send files to BMO. OUTBOUND (FROM BMO) MAIL SLOTS BMO will send your reports and files to your mailbox. Depending on the number of services you have with us, you may have more than one outbound mail slot (also known as an outbound trading relationship). Your outbound mail slot consists of the following: Mailbox ID provided by IS Application name provided by IS Application document type provided by IS File encoding provided by you when implementation was requested. BMO will send your files / reports to one of the outbound mail slots. For example, if you are setup to receive EFT reports or files, your mail slot will look as follows: AAA12345-DEFT-WINTESTE20RPT-A where AAA12345 is your mailbox ID, DEFT is application name, WINTESTE20RPT is document type, A is encoding. The above mail slot will be receiving reports from EFT system in ASCII format. Please work with your IS to get details of all of your outbound trading relationships (mail slots). AS2 service will push files to your AS2 server, once received by your outbound mail slot. IMPORTANT: AS2 requires separate AS2 ID for each mail slot. Please provide AS2 ID for each outbound mail slot (see Appendix A). This will allow you to receive files from BMO. PAGE 4 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

7 Appendix A AS2 Services Client Questionnaire SECTION I: B ASIC INFORMATION ABOUT YOUR COMPANY Client Name: Business Contact: Phone: Technical Contact: Phone: Address: What is your desired production date? Are you currently a Global exchange Services (GXS) client? YES, go to Section II NO, continue with Section III SECTION II: GXS INFORMATION Do you have a mailbox on GXS Interchange Service platform? YES, proceed to the next question NO, continue with Section III Would you like to use the same mailbox to exchange files/reports with BMO? YES, proceed to the next question NO, continue with Section III Please provide your mailbox ID here and go to section 3 Mailbox ID PAGE 5 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

8 SECTION III: AS2 I NFORMATION Complete this section if your company will be connecting to BMO using AS2 communications to access your mailbox. We need the following information about your AS2 setup. AS2 ID used in AS2 Header: for mail slot: IMPORTANT: You will need to provide AS2 ID for each mail slot assigned to you. See AS2 mailbox setup section. Digital Certificate: Type: Digital Signature Trust Verisign Self-Signed Expiration Date: Encryption Algorithm: none DES triple DES RC2: RC4: Hashing Algorithm: SHA1 MD5 Signature Algorithm: SHA1 MD5 Please list all applications you are planning to use: EDI: EFT: ARS: BAI: PAGE 6 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

9 PAYABLES FCCS/FBPS: : Indicate file encoding (See Appendix B for encoding description) Inbound files to BMO A (ASCII) E (EBCDICI) Outbound files from BMO W (WINDOWS) A (ASCII) E (EBCDICI) MDN Receipt Type: Signed (recommended) Unsigned AS2 Software: Version: AS2 Server URL for Test: URL for Production: Additional Notes: PAGE 7 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT

10 Appendix B - Definitions FILE ENCODING BMO supports several file encoding types. These are: W: Windows (ASCII machine) This encoding can be used in Outbound transmission from BMO ONLY. The default delimiter on the Windows platform is CR (Carriage Return) and Line Feed (LF). This means that the record terminators within the application files on the windows platform are CRLF. A: Unix (ASCII machine). The default delimiter on Unix platform is Line Feed (LF). This means that the record terminators within the application files on the Unix platform are LF. E: Mainframe (EBCDIC machine). There is no specific character as the record delimiter on mainframes (Unisys or IBM). The encoding of the data is EBCDIC. While sending and receiving files from the mainframes, no data conversion needs to be performed. OTHER DEFINITIONS Mailbox This is your user ID on the Secure FTP service. Mail slots (or trading relationships) Mail slots belong to a mailbox and are used to receive various Cash Management files and reports. BMO sends your files and reports to an appropriate mail slot. By using mail slots, you can easily identify the application to which your files and reports belong. PAGE 8 FOR ASSISTANCE, PLEASE CALL THE HELP DESK AT