| ... | @@ -18,9 +18,12 @@ The instructions in these guidelines use variables that must be replaced with th |
... | @@ -18,9 +18,12 @@ The instructions in these guidelines use variables that must be replaced with th |
|
|
|
|
|
|
|
- **`{ADMIN_USER}`**: Represents the admin user of the Linux terminal on the server.
|
|
- **`{ADMIN_USER}`**: Represents the admin user of the Linux terminal on the server.
|
|
|
- **`{DOMIBUS_SERVER_DIRECTORY}`**: This signifies the directory on your server where Domibus will be installed.
|
|
- **`{DOMIBUS_SERVER_DIRECTORY}`**: This signifies the directory on your server where Domibus will be installed.
|
|
|
- **`{DOMIBUS_HOSTNAME}`**: Denotes the public IP address of the server where you intend to install Domibus.
|
|
- **`{DOMIBUS_HOSTNAME}`**: Denotes the public IP address/hostname of the server where you intend to install Domibus.
|
|
|
- **`{DOMIBUS_PORT}`**: Represents the internet-accessible port that you will open for Domibus.
|
|
- **`{DOMIBUS_PORT}`**: Represents the internet-accessible port that you will open for Domibus.
|
|
|
- **`{DOMIBUS_ACCESS_POINT}`**: This is the designated name for your Domibus instance. Choose a clear and descriptive name, such as `france_ap`.
|
|
- **`{DOMIBUS_ACCESS_POINT}`**: This is the designated name for your Domibus instance. Choose a clear and descriptive name, such as `france_ap`.
|
|
|
|
- **`{CENTRAL_HOSTNAME}`**: Denotes the public IP address/hostname of the central Domibus server.
|
|
|
|
- **`{CENTRAL_PORT}`**: Represents the internet-accessible port of the central Domibus server.
|
|
|
|
- **`{CENTRAL_ACCESS_POINT}`**: This serves as the designated identifier for the central Domibus access point. It may be commonly referred to as `europe_ap` in some screenshots, however, please note that this is not the actual access point name, as we refrain from sharing sensitive information on this wiki
|
|
|
- **`{KEYSTORE_PASSWORD}`**: Refers to the password for your Java KeyStore.
|
|
- **`{KEYSTORE_PASSWORD}`**: Refers to the password for your Java KeyStore.
|
|
|
- **`{PRIVATE_KEY_PASSWORD}`**: Refers to the password for the private key within your Java KeyStore.
|
|
- **`{PRIVATE_KEY_PASSWORD}`**: Refers to the password for the private key within your Java KeyStore.
|
|
|
- **`{TRUSTSTORE_PASSWORD}`**: Refers to the password for your Java TrustStore.
|
|
- **`{TRUSTSTORE_PASSWORD}`**: Refers to the password for your Java TrustStore.
|
| ... | @@ -209,13 +212,21 @@ keytool -import -file {DOMIBUS_ACCESS_POINT}.cer -alias {DOMIBUS_ACCESS_POINT} - |
... | @@ -209,13 +212,21 @@ keytool -import -file {DOMIBUS_ACCESS_POINT}.cer -alias {DOMIBUS_ACCESS_POINT} - |
|
|
```
|
|
```
|
|
|
|
|
|
|
|
### B - Exchange certificate
|
|
### B - Exchange certificate
|
|
|
In order to establish communication with the central Domibus server, it's essential to exchange the previously generated certificate with the central team. To facilitate this process, the central team has prepared a [PDF tutorial](https://drive.google.com/file/d/1EooF5CQqeeBT_yfoKRHPJqXwr38-WQwN/view?usp=drive_link), available on page 7, outlining the necessary steps.
|
|
:computer:
|
|
|
|
|
|
|
|
As part of the certificate exchange procedure, you will be required to provide the address of the Domibus instance you are setting up. In return, the central team will furnish you with the address of the Central Domibus, referred to henceforth as **`{CENTRAL_DOMIBUS_HOST}`**. This mutual exchange ensures seamless communication between your Domibus instance and the central server.
|
|
In order to establish communication with the central Domibus server, it's essential to exchange the previously generated certificate with the central team. To facilitate this process, the central team has prepared a [PDF tutorial](https://drive.google.com/file/d/1EooF5CQqeeBT_yfoKRHPJqXwr38-WQwN/view?usp=drive_link), available on page 7, outlining the necessary steps.
|
|
|
|
|
|
|
|
You may need to use `scp` on your PC to copy this file from the server to your personal computer. For example:
|
|
During the certificate exchange process, you'll need to provide the certificate along with the following details:
|
|
|
|
- **`{DOMIBUS_HOSTNAME}`**
|
|
|
|
- **`{DOMIBUS_PORT}`**
|
|
|
|
- **`{DOMIBUS_ACCESS_POINT}`**
|
|
|
|
In return, the central team will provide you with the central certificate and the following information:
|
|
|
|
- **`{CENTRAL_HOSTNAME}`**
|
|
|
|
- **`{CENTRAL_PORT}`**
|
|
|
|
- **`{CENTRAL_ACCESS_POINT}`**
|
|
|
|
This mutual exchange ensures seamless communication between your Domibus instance and the central server.
|
|
|
|
|
|
|
|
:computer:
|
|
You may need to use `scp` on your PC to copy your certificate file from the server to your personal computer. For example:
|
|
|
|
|
|
|
|
```shell
|
|
```shell
|
|
|
scp {ADMIN_USER}@{DOMIBUS_HOSTNAME}:/opt/{DOMIBUS_SERVER_DIRECTORY}/domibus/keystores/{DOMIBUS_ACCESS_POINT}.cer /path/on/your/personal/computer
|
|
scp {ADMIN_USER}@{DOMIBUS_HOSTNAME}:/opt/{DOMIBUS_SERVER_DIRECTORY}/domibus/keystores/{DOMIBUS_ACCESS_POINT}.cer /path/on/your/personal/computer
|
| ... | @@ -325,19 +336,19 @@ Navigate to: |
... | @@ -325,19 +336,19 @@ Navigate to: |
|
|
|
|
|
|
|
Click on `+ New`
|
|
Click on `+ New`
|
|
|
|
|
|
|
|
Create a name such as `europe_ap` and set the endpoint with the `/domibus/services/msh` path.
|
|
Create a name such as **`{CENTRAL_ACCESS_POINT}`** and set the endpoint with the `/domibus/services/msh` path.
|
|
|
|
|
|
|
|
|
|
|
|
|
```http
|
|
```http
|
|
|
http://{CENTRAL_DOMIBUS_HOSTNAME}:{CENTRAL_DOMIBUS_PORT}/domibus/services/msh
|
|
http://{CENTRAL_HOSTNAME}:{CENTRAL_PORT}/domibus/services/msh
|
|
|
```
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
>**Note**:
|
|
>**Note**:
|
|
|
You can include the IP address of the specific Access Point you wish to establish communication with. However, in our scenario, it's essential to add only the IP address of the Central Access Point, which serves as the central hub.
|
|
You can include the IP address of the specific Access Point you wish to establish communication with. However, in our scenario, it's essential to add only the IP address of the Central Access Point, which serves as the central hub.
|
|
|
The `{CENTRAL_DOMIBUS_HOSTNAME}` and `{CENTRAL_DOMIBUS_PORT}` should be furnished by the Central Service Team, please refer on the section [3-B Exchange certificate](https://code.europa.eu/healthdataeu-nodes/hdeupoc/-/wikis/CrossBorder-Gateway/Domibus/Server-setup-guide#3-domibus-properties).
|
|
The `{CENTRAL_HOSTNAME}` and `{CENTRAL_PORT}` should be furnished by the Central Service Team, please refer on the section [3-B Exchange certificate](https://code.europa.eu/healthdataeu-nodes/hdeupoc/-/wikis/CrossBorder-Gateway/Domibus/Server-setup-guide#b-exchange-certificate).
|
|
|
|
|
|
|
|
Import the **`{CENTRAL_CERTIFICATE}`**
|
|
Import the central certificate
|
|
|
|
|
|
|
|
Scroll down to the `Identifiers` section, click on `+ New`, and add the Access Point name, which is **`{CENTRAL_ACCESS_POINT}`** and set this for the following properties:
|
|
Scroll down to the `Identifiers` section, click on `+ New`, and add the Access Point name, which is **`{CENTRAL_ACCESS_POINT}`** and set this for the following properties:
|
|
|
|
|
|
| ... | @@ -367,7 +378,7 @@ Feel free to choose the testing approach that suits your needs or test both. |
... | @@ -367,7 +378,7 @@ Feel free to choose the testing approach that suits your needs or test both. |
|
|
### 1 - Console Monitoring test
|
|
### 1 - Console Monitoring test
|
|
|
:computer:
|
|
:computer:
|
|
|
|
|
|
|
|
In the Domibus Console, navigate to the `Connection Monitoring` section and try sending a message to your own Access Point and to `europe_ap`. If the status shows as green for both, your Domibus server is ready for message exchange.
|
|
In the Domibus Console, navigate to the `Connection Monitoring` section and try sending a message to your own Access Point and to **`{CENTRAL_ACCESS_POINT}`**. If the status shows as green for both, your Domibus server is ready for message exchange.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| ... | @@ -415,11 +426,11 @@ http://{DOMBIS_HOSTNAME}:{DOMIBUS_PORT}/domibus/services/wsplugin |
... | @@ -415,11 +426,11 @@ http://{DOMBIS_HOSTNAME}:{DOMIBUS_PORT}/domibus/services/wsplugin |
|
|
<ns:From>
|
|
<ns:From>
|
|
|
<ns:PartyId type="urn:oasis:names:tc:ebcore:partyid-type:unregistered">{DOMIBUS_ACCESS_POINT}</ns:PartyId>
|
|
<ns:PartyId type="urn:oasis:names:tc:ebcore:partyid-type:unregistered">{DOMIBUS_ACCESS_POINT}</ns:PartyId>
|
|
|
```
|
|
```
|
|
|
For the `Recipient`, we can set the `europe_ap`:
|
|
For the `Recipient`, we can set the **`{CENTRAL_ACCESS_POINT}`**:
|
|
|
|
|
|
|
|
```xml
|
|
```xml
|
|
|
<ns:To>
|
|
<ns:To>
|
|
|
<ns:PartyId type="urn:oasis:names:tc:ebcore:partyid-type:unregistered">europe_ap</ns:PartyId>
|
|
<ns:PartyId type="urn:oasis:names:tc:ebcore:partyid-type:unregistered">`{CENTRAL_ACCESS_POINT}`</ns:PartyId>
|
|
|
```
|
|
```
|
|
|
|
|
|
|
|
##### E - Send the eDelivery Message:
|
|
##### E - Send the eDelivery Message:
|
| ... | |
... | |
| ... | | ... | |
