The NAS2 adapter is a non-blocking AS2 with improved
performance, connection management, and various other security features.
The NAS2 adapter provides extensive flexibility by exposing an
array of parameters that can be configured for security providers,
Message Disposition Notification (MDN) handling, Certificate Revocation
List (CRL) checking, and so on.
x
This section describes the features that have been added
as part of the improvement to the NAS2 adapter.
-
LDAP Certificate Support. Retrieval
of partner certificates from the LDAP system as part of the certificate
store configuration to complete the signature chain validation.
-
Signer Certificate Chain. Option
to not include the signer certificate when sending an AS2 message
or replying with an MDN. This allows you to minimize the message
size for enhanced performance.
-
Certificate Revocation List Checking Option. Allows the
configuration of NAS2 to validate if the message being processed
is signed using a revoked certificate. If the option for CRL checking
is selected, it will require a configured certificate store on the
NAS2 component which can point either to a list of named keystore
providers, directory CertStore providers, and directory Providers
(LDAP) where the revoked certificates are located.
-
Key Alias Selection. On
the S/MIME and SSL components, new parameters are exposed, which
allow you to specify the key alias with the keystore and truststore.
This allows you to pick which key to use for various security operations
such as signatures, decryptions, and so on.
-
Persistent Connection Support. The
NAS2 adapter supports persistent connections, which allows improved
connection handling and management.
-
Ordering of Signature and Compression. A
feature to allow the selection of compression and signature ordering
is available. Now you can configure if the message should be signed
and then compressed or compressed then signed.
-
Delayed MDN. The NAS2 adapter also supports the feature
which is not typical to the standard AS2 processing, but allows
a great degree of flexibility when it comes to MDN processing. When
a message is received on the NAS2 listener, you may configure the
MDN to be delayed until the business processing of the message is completed.
If the Delayed MDN option is selected, it is your responsibility
to invoke the corresponding MDN send service as part of the business
processing that will send the MDN as requested by the originator
of the message.
-
Safe Store for Messages. The
Safe Store option on the NAS2 component will safe store the message
before performing any further processing to the message. This will
prevent any message loss. After the message has been processed,
it will be removed from the safe store. In the event that the system
goes down, all the messages in the safe store will be processed
after the system is back on line.
-
Large File Limit. The
NAS2 adapter contains various internal improvements to handle large
file sizes. An option exposed on the NAS2 inbound processing that
allows you to limit the message size accepted by the NAS2 adapter.