RosettaNet Certificate/Agreement installation Configuration

Document directory

• 1. Summary:
• 2. Prepare

RosettaNet Certificate/Agreement installation Configuration

1. Summary:

Certificate is an important application of password technology. if used properly, it can effectively solve the following problems:

1. Confidentiality

2. Authentication

3. Integrity

4. Non-Repudiation

For KWE-TI/KWE-Intel PIP applications, certificates are primarily used for the following purposes:

1. SSL

Secure Sockets Layer (SSL) is a set of cryptographic compilation technologies that provide verification, confidentiality, and data integrity. SSL is most commonly used between Web browsers and Web servers to establish secure communication channels (HTTPS ).

2. Signature

Digital signatures use a one-way hash function to detect tampering and solve Authentication problems. because the hash value is unique to the hash data, any modification to the data (even if it is to delete or change a character) will change it to a different value. In addition, the content of hash data cannot be inferred from the hash for any actual purpose. Therefore, this is the best way to detect tampering.

3. Encrypttion

Ensure that the transmitted information is protected. In other words, the plaintext information cannot be read during transmission.

2. Prepare

Contact the Partner to obtain the following information:

1. Obtain the Cert File and specify the purpose of the certificate.

2. Obtain the URL sent and received by PIP.

The following uses Intel Special Testing as an example.

The above is the certificate level information. Pay attention to the certificate level relationship.

URL	Https://b2btpacons.intel.com/servlet/TAW? Timeout = 300
Cert File	Intel CONS Test Cert. p7b
Cert hierarchy	Equifax Secure Certificate Authority
	Intel External Basic Policy CA
	Intel External Basic Issuring CA 3A
	B2btpacons.intel.com

3.Certificate Configuration

Gateway SSL Certificate Installation

On the Gateway server, right-click the Certificate file: Intel CONS Test Cert. p7b. Import the certificate according to the certificate import wizard.

Certificate import wizard

Automatically select a storage directory

Import completed

Verify that the import is successful. Use IE to browse the URL provided by Intel:

Https://b2btpacons.intel.com/servlet/TAW? Timeout = 300. If no warning box is displayed, the import is successful.

Install the App Signature certificate

Equifax root certificate is installed by default on windows machines. Therefore, for Intel certificate installation, you only need to import the other three certificates: two Secondary Certificates and one subcertificate.

Start Menu-> Run, enter mmc to bring up the console interface

In the console window, choose File> Add/delete Management Unit. In the displayed window, click Add to add an independent management unit and select certificate. Click Add.

In the certificate management unit window, select a computer account

Select Local Computer

The following window appears to ensure that the root node is a local computer.

Start to import the certificate, import the two level-2 certificates to the intermediate Certificate Authority, right-click the intermediate Certificate Authority-> all tasks-> Import, select the certificate to import, for more information about how to import an SSL Certificate, see import an SSL certificate.

Make sure that the certificate is importedOthersDirectory, the import steps are as follows:

You can also directly import the p7b Certificate file. The preceding steps are used to demonstrate detailed import steps and perform segmented actions.

4.RosettaNetConfiguration

Start-> Microsoft BizTalk Accelerator for RosettaNet 3.3-> BizTalk Accelerator for RosettaNet Management Console open the RosettaNet Console

4.1 create an Intel Partner

On the console, expand BizTalk Accelerator for RosettaNet, select Partners, right-click, create a Partner, and enter relevant information. configure the signature/encryption certificate as needed. for example, Intel selects the signature certificate just imported.

4.2 create an Agreement

Right-click Agreement, create Agreement, and fill in relevant information,

Enter the Agreement Name, select PIP, Partner, RNIF version, and so on.

Example:

Name	Intel_To_KWE_3B12
Process Cfg	INTEL_STD_3B12_V01.01	Select 3B12 PIP. The version is V01.01.
My organization	KWE
Partner	INTEL
RNIF Version	V01.10.00	Select the RNIF version number.
Home Role	Shipping Provider (Responder)	For 3B12, KWE is the responder

Enter the URL provided by Intel. Note that the three URLs are the same in general.

After completing the preceding configuration, right-click the created Agreement and select Active. Then, enter iisreset in the Console to restart IIS, restart BizTalk, and modify the application.