In the last part of this 5-part blog series, I would like to detail Boomi EDI AS2 error related to encryption certificates mismatch.
AS2 is secure as it supports data encryption and signing. AS2 set up involves exchanging the public encryption certificates between AS2 partners. During AS2 send, the data is encrypted by the sender using the receiving partner public cert which would be decrypted by the corresponding private key configured in the receiving partner end. If there is a mismatch between the encryption certificates between the sending and receiving partners, you will encounter an exception.
🚩AS2 receive errors:
When there is a mismatch during AS2 receive, the below error is reported in the “Error Message” column of the process reporting page.
Error receiving AS2 message - Error received decrypting message: An error occurred while decrypting the message because the sender and receiver's encryption certificates do not match.
🚩AS2 send errors:
If there is a mismatch during send, the trading partner AS2 server usually responds with a negative MDN indicating mismatch as reason. Please see a sample failure message returned in the MDN from one of the trading partner’s AS2 server.
DecryptionFailureException: Message was not encrypted with the expected certificate
Trading Partner Shape of Process reporting Execution indicating MDN with errors
🚩Resolution
This type of exception occurs during new AS2 set up or when the existing AS2 cert is updated as the current cert is about to expire.
✅To resolve this error, you need to ensure that the correct encryption certificate is configured with the both the sender and receiver.
✅If the exception occurs during AS2 receive, please ensure that the serial number of the public cert supplied by the receiver matches with both the sender and receiver.
✅Should an exception arise during during AS2 send, please ensure the serial number of the encryption cert supplied by the sender matches with both the sender and receiver.
Please see below the screenshot indicating where you can find the serial number of a cert.
