I have 8 working Mendelson AS2 partners set up but this last one is causing issues. We can send to them without issue, but here are the logs when they send to us.
Inbound transmission is a AS2 message [them-us], raw message size: 2.95 KB.
Inbound AS2 message is encrypted.
The inbound AS2 message data has been decrypted using the key "our-key", the encryption algorithm was "3DES", the key encryption algorithm was "RSA".
Inbound AS2 message is signed.
The sender used the algorithm "SHA1" to sign the inbound AS2 message.
Using certificate "their-key" to verify inbound AS2 message signature.
Verification of digital signature of inbound AS2 message failed message-digest attribute value does not match calculated value
I have imported their key the same way as every other partner, recreated the partner config, closed and reopened Mendelson AS2, rebooted the server, tried to partner with them on a different server also running Mendelson AS2, removed the key and partner then rebooted the server and set it all up again. Everything results in the same error you see at the bottom of the logs. Their cert has the right fingerprint and serial number.
Some help on where I can look to troubleshoot or a fix would be much appreciated. Thanks all, and be safe.
the digital signature ensures that the data is bytewise the same as it is sent on the sender side. If it is changed somethow, e.g. by a FTP process, linux/windows copy process or whatever that changes any byte in the data the signature cann ot be verified. There is no fix to this on your side, you just have to ensure that the data is not changed after it has been signed by your partner.
That you for your very helpful reply.
I learned my partner is using Linux. We are on Windows. Is it safe to say this partner is not compatible with us no matter what, and that is why this is failing with this error? We can send to him, but we get the above error when he sends to us.
I understand there is no fix on my side, but to share some data with my manager, where can I compare the sending partner's byte size vs the one we actually receive?
Once again, thanks for helping us out with this.
you can use wireshark, and your partner, too.