AS4 host

AS4 is a secure, standardized messaging protocol designed for B2B data exchange. This article describes how Cleo Harmony supports communications using the AS4 protocol.

Connector Access & Licensing

Connectors require separate licenses and are governed by commercial terms. Although all connectors are accessible in-product by default, usage beyond the Customer’s contract is subject to audit and adjustment.

For compliance or subscription inquiries, please contact Cleo Sales.

AS4 Configuration

This section describes how to configure a generic AS4 host.

Click the Templates tab in the tree pane.
If necessary, expand the Hosts tree in the Templates tab to find the host you want to use.
Right-click the host and select Clone and Activate.

The entire pre-configured host branch (including a mailbox and actions) is copied and activated, the Active tab is selected in the tree pane, and the new active host is selected in the tree. If necessary, you can append the new active host alias with a number to make it unique.

Note: The original pre-configured host remains in the pre-configured tree.
Enter host-level configuration information.
1. Click the new host in the tree pane.
2. Enter host-level configuration information on the tabs in the content pane. See AS4 Host configuration.
3. Click Apply to save your work.
Enter mailbox-level configuration information.
1. Click the mailbox under your host in the tree pane.
2. Enter mailbox-level configuration information on the tabs in the content pane. See AS4 Mailbox configuration.
3. Click Apply to save your work.
Enter action-level configuration information.
1. Click an existing mailbox action to display its configuration tabs. Alternatively, right-click the mailbox and select New Action.
2. Edit action information on the tabs in the content pane. See AS4 Action configuration.
3. Click Apply to save your work.
Click Apply to save your work.

Important: If you leave any of these panels without clicking Apply, your work will not be saved. You can configure the product to prompt to you click Apply if you try to leave the page. However, in the web UI, if you make updates to a host and then click a part of the product not related to a host, for example any of the buttons in the banner, the product will not prompt you to click Apply and your updates will not be saved.

AS4 Host configuration

The following sections describe how to configure the generic AS4 hosts. A host describes your trading partner's remote server to which messages are sent. The host's parameters specify its location and how it is reached.

AS4 Host: General Tab

The host General tab for an AS4 Host contains the fields described in detail below. The default values of these fields vary depending on whether the host is generic or pre-configured. For pre-configured hosts, these typically remain unchanged unless you need to either connect through a forward proxy or change the Default Directories.

Setting

Details

Server Address

Either a fully qualified name (recommended) or an IP address.

This is the address of your trading partner's server that will receive your messages.

Port

The port on the server where your trading partner will receive your messages.

Note: The Server Address and Port settings are reflected as read-only through the PMode.Protocol.Address setting.

Connection Type

The kind of connection you want to use for this host.

Possible values:

System Default - See for information about setting the system default.
Direct Internet Access or VPN - Use either a direct connection to the internet or a VPN.

Default value: System Default

Forward Proxy

The address of the forward proxy you want to use for this host.

Select the System Default check box to use the default proxy. See Configuring for a proxy for information about specifying a default proxy.

Default Directories

Modify the default directories, if necessary. You can use macro variables from the drop-down lists. See Using Macro Variables for a list of the applicable macros (Default Host Directory context) and example usage. For Cleo VLTrader and Cleo Harmony, see URI File System interface overview for information about how you can use a Cleo-provided or custom URI for the Inbox and Outbox. See Specifying default host directories for information about setting up system-level directories and custom directory macro variables.

Note: If the host is has an external association, the default directories might be managed outside of VersaLex and not shown here.

Directory	Details
Inbox	Default directory for incoming files. Enter a value directly or click … to navigate to and select a directory. Possible values: Any local or shared directory. Default value: `inbox\`
Outbox	Default directory for outgoing files. Enter a value directly or click … to navigate to and select a directory. Possible values: Any local or shared directory. Default value: `outbox\`
Sentbox	If specified, default directory for retaining sent files. Files are a copy of the original source file; any file manipulations performed as part of the send are not reflected in the sentbox copies. Enter a value directly or click … to navigate to and select a directory. Possible values: Any local or shared directory. Default value: No default value.
Receivedbox	If specified, default directory for retaining received files. Files are a copy of the final destination file; any file manipulations performed as part of the receive are reflected in the receivedbox copies. Enter a value directly or click … to navigate to and select a directory. Possible values: Any local or shared directory. Default value: No default value.

AS4 Host: AS4 Tab

Use the AS4 tab to specify values for AS4-specific parameters.

Setting Details

Overwrite duplicate file names

Allows for unique naming of stored files. When this check box is selected, any files that exist in the specified inbox will be overwritten. When the check box is cleared, an incoming file with the same name as one that already exists is made unique according to the Unique File Algorithm as set under System Options > Other .

Note: This setting does not apply to inbound database payload.

Use default file name

Select the check box and specify the name you want to use for incoming files by default.

You can use any of the supported macros (Destination File context) allowing for the incoming file to be named, for example, with a date-time stamp. For more information about macro variables and the destination file context, see Using macro variables .

Note: This setting does not apply to inbound database payload.

If you select Use default file name and your default string includes any variant of the %sourcefile% macro, the source file name is determined as follows:

If the Content-Disposition header exists and it contains a "filename" attribute, then this value is used.
If the Content-Type header exists and it contains a "name" attribute, then this value is used.
If the Content-Id header exists, then this value is used.

If you do not select Use default file name, then the incoming file name will be determined as follows:

If the Content-Disposition header exists and it contains a "filename" attribute, then this value is used.
If the Content-Type header exists and it contains a "name" attribute, then this value is used.
If the Content-Id header exists, then use this value.
Otherwise, the incoming message ID, plus the ".file" extension is used.

Note: This setting does not apply to inbound database payload.

Note: When the incoming file is tied to an attachment, the Content-xxx headers are those that directly precede the attachment. When the incoming payload is tied to a body payload, the Content-xxx headers are those at the top level of the HTTP request.

Note: For outbound, to add the setting of the "name" attribute on the Content-Type header, you can simply append it, along with an optional macro (Destination File context). For example, application/octetstream; name=%sourcefile%

AS4 Host: HTTP Tab

Use the AS4 tab to specify values for HTTP-specific parameters.

Setting Details

Outbound

Indicates whether you use SSL or not for outbound file transfers.

Option	Details
HTTP	Do not require use SSL

Option

Details

HTTP/s

Require SSL for outbound file transfers.

If you select HTTP/s, you can select Check certificate server name.

Inbound

Option	Details
HTTP/s only	Require your trading partner to use Secure Socket Layer (SSL) for inbound file transfers.

Command Lists the commands available to AS4. PUT will initiate a push operation and GET will initiate a pull operation.

Method Specifies the HTTP verb to be used. The only valid Method for AS4 commands is POST.

Path

The server Path for the command.

If the remote server is also using the VersaLex application, the path should be /as4. The resource path must be properly specified in order for your trading partner’s system to process messages from you. Given the URL provided by your remote trading partner in the form:

http(s)://remote-host:port/resource-path?optional-parameters

Enter the bolded portion in this field (if it was supplied).

Parameters

By default, no Parameters are specified for sending AS4 messages. If parameters are required, they must be obtained from your trading partner when the trading relationship is established. Given the URL provided by your remote trading partner in the form:

http(s)://remote-host:port/resource-path?optional-parameters

Enter the bolded portion in this field (if it was supplied).

Headers

The Header fields are filled in at the Mailbox level and specify values to be set in the HTTP headers that precede the body (actual content) of the message to be sent.

The following Header can optionally be specified when sending AS4 messages:

Content-Type - throughout the entire AS4 message, there are several Content-Type settings, many of which are predetermined and cannot be changed. This Content-Type header is used to control the value of the MimeType property, as packaged within <eb:PartInfo/eb:PartProperties/eb:Property@name>, along with the @MimeType attribute of the <xenc:EncryptedData> element when using SOAP with Attachments (SwA) packaging. The Content-Type value should represent the native format of the payload before any processing, for example, compression. If the payload format is unknown, a content-type setting of application/octet-stream is recommended as it generally represents all types of data. If this optional parameter is not specified, then a default is determined based on whether SOAP with Attachments (SwA) packaging (application/octet-stream) or <Body> payload (text/xml) is being used.

AS4 Host: Advanced Tab

While the fields on the host's Advanced tab typically do not affect your ability to connect to a host, you might want to change some of these settings when configuring a runtime environment.

See Setting advanced host properties for information about how to use and set the properties supported in all protocols. Properties available for AS4 include:

Setting	Details
Add Mailbox Alias Directory to Inbox	Appends a subdirectory at the end of the host's configured inbox directory. This allows files received through different mailboxes to be kept separate. Possible values: `On` or `Off` Default value: `Off`
Add Mailbox Alias Directory to Outbox	Appends a subdirectory at the end of the host's configured outbox directory. This allows files to be sent through different mailboxes to be kept separate. Possible values: `On` or `Off` Default value: `Off`
Add Mailbox Alias Directory to Receivedbox	Appends a subdirectory at the end of the host's configured receivedbox directory. This allows files that have been sent through different mailboxes to be kept separate. Possible values: `On` or `Off` Default value: `Off`
Add Mailbox Alias Directory to Sentbox	Appends a subdirectory at the end of the host's configured sentbox directory. This allows files that have been sent through different mailboxes to be kept separate. Possible values: `On` or `Off` Default value: `Off`
Allow Actions To Run Concurrently	Normally, actions and host actions within the same host are allowed to run concurrently. You can use this property to not allow actions and host actions to run concurrently. Note: This is a Cleo Harmony and Cleo VLTrader option. Possible values: `On` or `Off` Default value: `On`
Bundle All Outbox Files For Pull Operations	Indicates whether all files within the outbox should be returned in response to a Pull Request Signal. When off, only a single file will be returned within the packaged User Message response. This file will always be the oldest file in the outbox. When on, all files in the outbox will be returned within the packaged User Message response. Possible values:`On` or `Off` Default value: `Off`
Command Retries	If an error or exception occurs during a command, the number of times the command should be retried. Note: Command Retries does not apply to exceptions related to TCP/IP or ISDN dial-up connections. This is because dial-up connections are managed by the framework so that they can be shared across actions. This value is reflected as read-only through the PMode.ReceptionAwareness.Retry and PMode.ReceptionAwareness.MaxRetries settings. Possible values: `0` - `n` Default value: `0`
Connection Timeout	The amount of time allowed for each read operation. Possible values: `0` - `n` seconds `0` indicates no timeout Default value: `150` seconds
Do Not Send Zero Length Files	Indicates whether zero length files to be sent to the server should be ignored rather than processed. If the `-DEL` option is being used, any zero length file ignored will also be deleted. Possible values: `On` or `Off` Default value: `Off`
Email On Check Conditions Met	Send an email notification after running a CHECK command where the overall conditions of the check are met. See Configuring email or execute based on results . Note: This is a Cleo Harmony and Cleo VLTrader option. Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Email On Check Conditions Not Met	Send an email notification after running a CHECK command where the overall conditions of the check are not met. See Configuring email or execute based on results . Note: This is a Cleo Harmony and Cleo VLTrader option. Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Email On Fail	If an error occurs during a command, email the error condition. See Configuring email or execute based on results . Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Email On Flag	If a flagged event occurs, email the event. See Configuring email or execute based on results . Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Email On Repetitive Action Failures	When "Email On Fail" is enabled and the same failure occurs each time an action is run for a specific host, leaving this option unchecked suppresses emailing of the same alert multiple times. Note: This feature only suppresses multiple emails if the same failure occurs multiple times in a row. Suppression is not maintained across synchronized hosts. Possible values: `On` or `Off` Default value: `On`
Email On Successful Copy	Send an email notification after copying a file using LCOPY. See Configuring email or execute based on results . Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Email On Successful Receive	Send an email notification after successfully receiving a file. See Configuring email or execute based on results . Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Email On Successful Send	Send an email notification after successfully sending a file. See Configuring email or execute based on results . Possible values: Email addresses separated by commas (,), semicolons (;), or colons (:). The first address should be an internal email address. Default value: The value specified for this property on the Options > Advanced panel (if set).
Execute On Check Conditions Met	After executing a CHECK command where the overall conditions are met, run a system command. See Configuring email or execute based on results . Note: This is a Cleo Harmony and Cleo VLTrader option. Note: If multiple files contribute to the conditions being met and one of the file macros is in the command (for example, %file%), the system command is executed once for each file. Possible values: System command to be executed. Default value: The value specified for this property on the Options > Advanced panel (if set).
Execute On Check Conditions Not Met	After executing a CHECK command where the overall conditions are `not` met, run a system command. See Configuring email or execute based on results . Note: This is a Cleo Harmony and Cleo VLTrader option. Possible values: System command to be executed. Default value: The value specified for this property on the Options > Advanced panel (if set).
Execute On Fail	If an error occurs during a command, run a system command. See Configuring email or execute based on results . Possible values: System command to be executed. Default value: The value specified for this property on the Options > Advanced panel (if set).
Execute On Repetitive Action Failures	When Execute On Fail is enabled and the same failure occurs each time an action is run for a specific host, leaving this option unchecked suppresses multiple executions of the Execute On Fail command. If suppression continues after 24 hours, the suppressed command is executed every 24 hours and after a system restart if the failure occurs again. When the failure is resolved, the command is executed again. Users must account for this by including the %status% macro variable (see Using macro variables ) and then checking for success or failure. Note: This feature only suppresses multiple executions if the same failure occurs multiple times in a row. Suppression is not maintained across synchronized hosts. Possible values: `On` or `Off` Default value: `On`
Execute On Successful Copy	After successfully copying a file using LCOPY, run a system command. This command may be used for post-processing the file. See Configuring email or execute based on results . Possible values: System command to be executed. Default value: The value specified for this property on the Options > Advanced panel (if set).
Execute On Successful Receive	After successfully receiving a file, run a system command. This command may be used for post-processing the file. See Configuring email or execute based on results . Possible values: System command to be executed. Default value: The value specified for this property on the Options > Advanced panel (if set).
Execute On Successful Send	After successfully sending a file, run a system command. This command may be used for post-processing the file. See Configuring email or execute based on results . Possible values: System command to be executed. Default value: The value specified for this property on the Options > Advanced panel (if set).
Fixed Record EOL Characters	End-of-line characters to be inserted and/or deleted. Possible values: `0` to `n` characters. Special character sequences: `\r` - carriage return `\n` - new line (linefeed) `\f` - form feed `\t` - horizontal tab `\0` - null `\\` - backslash
Fixed Record Incoming Delete EOL	If Fixed Record EOL Characters has been specified and Fixed Record Length is greater than 0, indicates to look for and delete EOL characters while receiving a file. Note: When using FTP ASCII mode, standard EOL characters may already be changing if transferring between Windows and Unix platforms. Possible values: `On` or `Off` Default value: `Off`
Fixed Record Incoming Insert EOL	If Fixed Record EOL Characters has been specified and Fixed Record Length is greater than 0, indicates to insert EOL characters while receiving a file. Fixed Record Incoming Delete EOL and Fixed Record Incoming Insert EOL are mutually exclusive properties. Possible values: `On` or `Off` Default value: `Off`
Fixed Record Length	The fixed record length after which end-of-line characters need to be inserted and/or deleted. Possible values: `0` - `n` Default value: `0`
Fixed Record Outgoing Insert EOL	If Fixed Record EOL Characters has been specified and Fixed Record Length is greater than 0, indicates to insert EOL characters while sending a file. Note: When using FTP ASCII mode, standard EOL characters may already be changing if transferring between Windows and Unix platforms. Possible values: `On` or `Off` Default value: `Off`
High Priority	Indicates whether incoming and/or outgoing transfers through the host should be treated as high priority. When both high priority and regular priority transfers are active, the high priority transfers get a larger portion of the available bandwidth. Go to Configure > Options > Other to set the `High Priority Transfers Percentage Available Bandwidth` (defaults to 75). See Other system options for more information. Note: This is a Cleo Harmony and Cleo VLTrader option. Warning: If the trading partner’s bandwidth (and not Cleo Harmony's or Cleo VLTrader’s) is limiting the transfer rate, then setting High Priority will not increase the transfer rate and will only result in potentially slowing down other Cleo Harmony or Cleo VLTrader transfers. Also, do not attempt to set High Priority Incoming or Outgoing on a host where the same instance of Cleo Harmony or Cleo VLTrader is both the client and server (for example, a local looptest). Possible values: `Incoming` `Outgoing` `Both`
Include Failure In Subject Of Email	When specified, the exception message will be included in the email that is generated on failure. Note: If the exception message exceeds 256 characters, it will be truncated. Possible values: `On` or `Off` Default value: The value specified for this property on the Options > Advanced panel
LCOPY Archive	If specified, contains the directory for archiving LCOPY source files. Possible values: Any local or shared directory. Macros can be used. See Using macro variables (LCOPY Archive context). Default value: The value specified for this property on the Options > Advanced panel, if any.
Log Individual LCOPY Results To Transfer Logging	When this option is enabled, a `<send>` and `<receive>` result is logged to the transfer log for each file copied. Note: This is a Cleo Harmony and Cleo VLTrader option. Possible values: `On` or `Off` Default value: `Off`
Macro Date Format	Specifies the date format to be used when the `%date%` macro is used. Possible values: See Using macro variables for information about usage and possible date/time formats. Default value: The value specified for this property on the Options > Advanced panel, if any.
Macro Time Format	Specifies the time format to be used when the `%time%` macro is used. Possible values: See Using macro variables for information about usage and possible date/time formats. Default value: The value specified for this property on the Options > Advanced panel, if any.
Maximum Incoming Transfer Rate (kbytes/s)	Sets the maximum incoming transfer rate in Kbytes (1024 bytes) per second for each mailbox or host. The default value of `0` does not limit the transfer rate. The system Maximum Incoming Transfer Rate value is used unless this setting is more restrictive. For simultaneous transfers, the number of active transfers also affects individual transfer rates. See Advanced system options . Possible values: `0` - `n` Default value: `0`
Maximum Outgoing Transfer Rate (kbytes/s)	Sets the maximum outgoing transfer rate in Kbytes (1024 bytes) per second for each mailbox or host. The default value of `0` does not limit the transfer rate. The system Maximum Outgoing Transfer Rate value is used unless this setting is more restrictive. For simultaneous transfers, the number of active transfers also affects individual transfer rates. See Advanced system options for more information. Possible values: `0` - `n` Default value: `0`
Outbox Sort	Controls the order in which multiple files are transferred for a PUT command. If `System Default` is specified, the value set on the Configure > Options > Advanced tab takes precedence. For alphabetical ordering, file extensions are not used unless required to make filenames unique. Possible values: `System Default` `Alphabetical` `Date/Time Modified` Default value: `System Default`
Outgoing Insert EOL Between Interchanges	If `Fixed Record Outgoing Insert EOL` is active, indicates to also insert EOL characters between EDI interchanges while sending the file. Possible values: `On` or `Off` Default value: `Off`
Perform Schema Validation	When selected, inbound XML content — on both requests and responses — is processed through XML schema validation. Possible values: `On` or `Off` Default value: `On`
PGP Compression Algorithm	Compression method used when OpenPGP packaging (with compression) is requested through the Mailbox Packaging tab. See Configuring mailbox packaging . If `System Default` is specified, the value set on the Configure > Options > Advanced tab is in effect. Possible values: `System Default` `ZIP` `ZLIB` Default value: `System Default`
PGP Encryption Algorithm	Encryption method used when OpenPGP packaging (with encryption) is requested through the Mailbox Packaging tab. See Configuring mailbox packaging . If `System Default` is specified, the value set on the Configure > Options > Advanced tab takes precedence. Possible values: `System Default` `TripleDES` `Blowfish` `CAST5` `DES` `AES-128` `AES-192` `AES-256` `Twofish` Default value: `System Default`
PGP Hash Algorithm	Signing method used when OpenPGP packaging (with signing) is requested through Configuring mailbox packaging . If `System Default` is specified, the value set on the Configure > Options > Advanced tab takes precedence. Possible values: `System Default` `MD2` `MD5` `RIPE-MD-160` `SHA-1` `SHA-256` `SHA-384` `SHA-512` Default value: `System Default`
PGP Integrity Check	When OpenPGP encrypting (see Configuring mailbox packaging ), include an integrity check on encrypted data. Can be disabled for compatibility with certain OpenPGP implementations. Possible values: `On` or `Off` Default value: `On`
PGP Signature Verification	Indicates whether signed inbound PGP messages should be verified when inbound OpenPGP packaging is requested through the Mailbox Packaging tab. See Configuring mailbox packaging . In general, this property should be enabled. Possible values: `On` or `Off` Default value: `On`
PGP V3 Signature
Put Multiple Files Limits	Limits the number of files included in each generated multipart message when using the PUT -MUL option. The limit is only applied when sending out of a single directory; when sending multipart out of separate subdirectories, the files are kept as a group and not broken up into separate messages. Possible values: `-1` - `n` `-1` indicates no limit. Default value: `-1`
Reset Connection After Timeout On Response	When enabled will cause an immediate reset on the socket (instead of a graceful close) when a `SocketTimeoutException` occurs. Possible values: `On` or `Off` Default value: `Off`
REST Enabled	Allows the host to be accessible through the REST API. This feature is only supported on AS2, AS4, FTP and SSH FTP and only when the host has exactly one mailbox. When this setting is enabled, new mailboxes cannot be created and the existing mailbox cannot be cloned, disabled, or removed. Possible values: `On` or `Off` Default value: `On` for AS2, AS4, FTP and SSH FTP when the host has exactly one mailbox. `Off` in all other cases.
Retry Delay	The amount of time (in seconds) before a retry should be attempted. Possible values: Any value greater than zero. Default value: `60 seconds`
Reuse SSL Sessions Across Actions	If selected, SSL sessions from previous connections to the same destination (address and port number) may be resumed to avoid costly negotiation. If unselected, only SSL sessions used in the current action to the same destination may be resumed. When unselected, a new SSL session is created for the initial command port connection. Possible values: `On` or `Off` Default value: `On`
Security Token Reference Type	Controls the type of security token reference that is placed in outgoing User Messages and Receipt Signals. For more information on token references, see the OASIS “Web Services Security X.509 Certificate Token Profile” standard. Possible values: `Binary Security Token`, `Subject Key Identifier`, or `Issuer and Serial Number` Default value: `Binary Security Token`
SSL Allow Legacy Renegotiation	When selected, legacy renegotiation is allowed. If this property is not selected, the extension described in RFC5746 is used for renegotiation and the server must also support this extension. See RFC5746 for a description of the extension and the vulnerability it addresses. Possible values: `On` or `Off` Default value: `On`
SSL Cipher	Indicates a specific cipher to be used with the server for SSL key exchange, encryption, and hashing. If not set, the list of supported ciphers is presented to the server and the server picks one. Possible values: Any cipher from the supported list. If the server does not also support the cipher, an SSL handshake error will occur.
SSL Maximum Protocol Version	Specifies the maximum protocol version allowed. By default, this field is blank, designating that Cleo Harmony, Cleo VLTrader, or Cleo LexiCom will select the most recent version (currently TLS 1.2). Possible values: `SSL 3.0` `TLS 1.0 (SSL 3.1)` `TLS 1.1 (SSL 3.2)` `TLS 1.2 (SSL 3.3)`
SSL Minimum Encryption Key Size	Specifies the minimum encryption key size allowed when selecting an SSL cipher. To prevent use of low- or medium-strength ciphers, change from the default value of `0` to `112`, `128`, or `256` (depending on the requirement). Note that if this value is set too high, all ciphers are filtered out causing the `No suitable cipher suites are enabled` exception to occur. Possible values: `0` - `n` bits Default value: `0`
SSL Minimum Protocol Version	Specifies the minimum protocol version allowed. SSL 3.0 is the default value for compatibility with servers that do not support the more recent TLS versions 1.0, 1.1, and 1.2. Possible values: `SSL 3.0` `TLS 1.0 (SSL 3.1)` `TLS 1.1 (SSL 3.2)` `TLS 1.2 (SSL 3.3)` Default value: `SSL 3.0`
SSL Use Record Splitting	Indicates whether to use 1/n‑1 record splitting in CBC mode as a countermeasure against the Rizzo/Duong BEAST attack against the SSL 3.0 / TLS 1.0 protocol. Must be turned off if the SSL library on the other side of the connection does not support this feature. Possible values: `On` or `Off` Default value: `On`
Store Raw Ping Message	Indicates whether copies of the "raw" outgoing requests and corresponding incoming responses for PING operations are stored in the AS4\ping folder. These files can be useful in diagnosing problems; however, generally this property should be off to conserve disk space. Possible values: `On` or `Off` Default value: `Off`
Store Raw Sent Message	Indicates whether copies of the "raw" outgoing requests and corresponding incoming responses are stored in the AS4\sent+received folder. These files can be useful in diagnosing problems; however, generally this property should be `Off` to conserve disk space. Possible values: `On` or `Off` Default value: `Off`
Terminate On Fail	If an error occurs during a command, stop the action. Note: Regarding non‑CHECK commands: when `Terminate On Fail` is on and a command fails, `Email On Fail` and `Execute On Fail`, if set, are processed and then the action stops. When it is off, those settings are processed and the action continues. Regarding CHECK commands: `Terminate On Fail` is honored only if the `ConditionsMet` parameter is set and the result of the CHECK is classified as `Error`. The CHECK command is only available in Cleo Harmony and Cleo VLTrader. Possible values: `On` or `Off` Default value: `On`
Unzip Use Path	Indicates whether zip entry paths should be used for LCOPY -UNZIP operations. When enabled, the entry's path is added to the destination path unless the entry contains an absolute path, in which case the absolute path is used. Possible values: `On` or `Off` Default value: `On`
Use MIME Packaging For Signal Messages	Indicates whether MIME packaging should be used for signal messages (Receipt Signals, Error Signals, and Pull Request Signals). Possible values: `On` or `Off` Default value: `Off`
Use Soap With Attachments Formatting	Indicates whether Soap With Attachments (SwA) formatting should be used when packaging outgoing User Messages. For information on SwA formatting, see http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SwAProfile.pdf . Possible values: `On` or `Off` Default value: `On`
Wait For Execute On	Indicates whether execution should wait for processing to complete within an Execute On Fail, Execute On Successful Copy, Execute On Successful Receive, or Execute On Successful Send command. This option does not apply to native AS400 execution. Possible values: `On` or `Off` Default value: `On`
XML Encryption Algorithm	The method used to encrypt/decrypt files when XML Encryption packaging is requested through the Mailbox Packaging tab. See Configuring mailbox packaging . If `System Default` is specified, the value set on the Configure > Options > Advanced tab takes precedence. Possible values: `System Default` `TripleDES` `AES-128` `AES-192` `AES-256` Default value: `System Default`
Zip Comment	Specifies the comment to be added to the zip archive file in LCOPY -ZIP operations. Default value: The value specified for this property on the Options > Advanced panel, if set.
Zip Compression Level	Controls the level of compression for LCOPY -ZIP operations. If `System Default` is specified, the value set on the Configure > Options > Advanced tab takes precedence. Possible values: `System Default` `9` – Best Compression `8` `7` `6` `5` `4` `3` `2` `1` `0` – No Compression Default value: `System Default`
Zip Subdirectories Into Individual Zip Files	Indicates whether subdirectories should be bundled for LCOPY -ZIP -REC operations. When enabled, each first-level subdirectory (and all of its descendants) is bundled into an individual zip file. Files directly under the source root directory are not copied. Possible values: `On` or `Off` Default value: `On`

AS4 Mailbox configuration

Mailbox parameters allow you access to the remote host and define the security of files being sent.

AS4 Mailbox: AS4 Tab

The mailbox's AS4 tab allows you to to configure a Usage Profile, along with all the associated AS4 Processing Mode (P-Mode) settings.

Setting	Details
Usage Profile	To assist with configuring all required P-Mode settings, you can select a profile that provides default values for many P-Mode fields. Available profiles: AS4 profile eDelivery profile PEPPOL profile
Profile	Displays the name of the current profile. The initial setting for this field is `None`. Although it is not required to select a profile, it is recommended.
Set Profile Defaults…	Click this button to display a list of profiles from which you can load processing mode settings. Note: The settings configured here override any existing settings already in place.
Ping…	Runs a connectivity test by sending a User Message with a single dynamically generated payload wrapped in PING.xml. This operation complies with the eDelivery 1.14 “Test Service” feature. All mailbox P-Mode and host Advanced properties (signing, encryption, compression, etc.) are applied. PING operations are not logged as transfers and do not appear in reporting. If Store Raw Ping Message is enabled, inbound payloads are written to AS4/ping. If receipts are exchanged and raw storage is enabled, they are stored under AS4/ping/receipts.
Processing Mode (P‑Mode) parameters	Defines how User Messages and Signal Messages are processed, including expected message elements and processing behavior. This section is organized into tabs containing related AS4 P‑Mode settings defined by AS4 specifications.
General tab	Contains identifiers, party definitions, roles, authorization credentials, and message exchange patterns used to associate inbound and outbound messages with the correct mailbox. These settings determine how messages are routed and validated and must be unique across AS4 mailboxes to prevent ambiguity.
Protocol tab	Defines protocol‑level properties such as server address and SOAP version. These values are read‑only and derived from host configuration.
Business Info tab	Specifies service, action, and message properties used to route User Messages to the correct business process. Note: For eDelivery and PEPPOL profiles, the originalSender and finalRecipient properties are required.
Error Handling tab	Controls how errors are reported and whether producers and consumers are notified of processing and delivery failures. Most settings are read‑only and always enabled by design.
Security tab	Governs signing, encryption, certificates, receipts, and authentication mechanisms such as WS‑Security UsernameTokens. Security options apply to both sending and receiving message handlers where applicable.
Payload Service tab	Determines whether User Message payloads are compressed or sent uncompressed.
Reception Awareness tab	Controls receipt enforcement, retry behavior, duplicate detection, and retry timing when acknowledgements are not received. Retry values are derived from host Advanced settings and are read‑only in this context.

AS4 Mailbox: Certificates Tab

Use this tab to associate a trading partner's signing and encryption certificates with this mailbox and to override your own Local Listener's signing and encryption certificates, if necessary.

Acquire your trading partner's signing/encryption certificates and provide your trading partner with your signing/encryption certificates. See Acquiring your trading partner's signing and encryption certificates and Creating and providing your signing/encryption certificates.

Setting	Details
Trading Partner’s Certificates	Certificates used to encrypt outbound messages and validate signatures received from your trading partner.
Encryption Certificate	The name of the file containing your trading partner’s encryption certificate. The public key of this certificate is used to encrypt payloads of outgoing User Messages. Specify a value or select Browse to locate the file. Note: This value is reflected as read-only through the PMode.Security.X509.Encryption.Certificate setting.
Signing Certificate	Select the check box to enable the field. The name of the file containing your trading partner’s signing certificate. The public key of this certificate is used to validate incoming signatures. Specify a value or select Browse to locate the file. Note: If a signing certificate is not provided, signed incoming content must include a `<wsse:BinarySecurityToken>` element containing the certificate. That certificate’s public key is then used for signature validation. Note: This value is reflected as read-only through the PMode.Security.X509.Signature.Certificate setting.
Use encryption certificate	Indicates that your trading partner uses the same certificate for signing and encryption. When selected, the Signing Certificate field is populated automatically using the value from Encryption Certificate.
My Certificates	Certificates used by your system for signing outbound messages and decrypting inbound messages for this trading partner.
Override Local Listener Certificates	Enables the use of partner-specific signing and encryption certificates instead of the Local Listener defaults. See Configuring certificates for Local Listener . If default certificates are overridden, you must exchange the certificates specified here with your trading partner.
Signing Certificate Alias	The name of the signing certificate registered in the VersaLex Certificate Manager. This certificate is used to sign selected components of outbound User Messages and Receipt Signals, based on `PMode.Security.X509.Sign` settings. Select Browse to choose a certificate and enter the Password for its private key.
Encryption Certificate Alias	The name of the encryption certificate registered in the VersaLex Certificate Manager. This certificate is used to decrypt inbound User Messages. Select Browse to choose a certificate and enter the Password.
Use signing certificate	When selected, the same certificate is used for signing and decrypting messages. The Encryption Certificate Alias and its password are populated automatically and disabled.
Exchange Certificates	Opens the Certificate Exchange dialog box. If you override Local Listener certificates, the alternate certificates must be exchanged with your trading partner.

AS4 Mailbox: HTTP Tab

The mailbox's HTTP tab allows you to configure a Content-Type setting that can be used to control several values within the packaging.

It is recommended that you set this type according to the native payload type, before any processing, for example, compression. If the payload type is unknown, a content-type setting of application/octet-stream is recommended as it generally represents all types of data. If this optional parameter is not specified, then a default is determined based on whether SOAP with Attachments (SwA) packaging (application/octet-stream) or <Body> payload (text/xml) is being used.

To control the setting of the CharacterSet property within the <eb:PartProperties>, you can append a charset parameter after the content-type value. For example, application/octet-stream;charset=UTF-16. In this case, CharacterSet will be set to UTF-16. If you do not add this optional parameter, CharacterSet defaults to UTF-8.

AS4 Mailbox: Security Tab

The HTTP and HTTP/s radio buttons are read-only. They reflect the settings from the host HTTP tab.

If HTTP is selected, no further action is necessary on this tab.

If HTTP/s is selected, the target server can issue client certificates. In this case, import the client certificate using Certificate Manager (See Certificate management) and then specify (or browse for) the imported Certificate Alias and Password.

AS4 Mailbox: Packaging Tab

See Configuring mailbox packaging for information regarding packaging of payload files.

AS4 Action configuration

An action's parameters define a repeatable transaction for your mailbox designated for the host system.

AS4 Action: Action Tab

See Composing an action and AS4 Command Reference. See AS4 Host: Advanced Tab for information about the available property values.

AS4 Command Reference

PUT

Send one or more files to the bank server.

PUT -MUL -DEL "source"

Option / Parameter Details

-MUL Sends multiple files as a single payload using attachments.

-DEL If the PUT command completes successfully, deletes the local source file.

"<var class="keyword varname">source</var>"

Specifies the local source path.

The path can refer to a single file or to a directory.
Wildcards (*, ?) and regular expressions are supported in filenames. See Using wildcards and regular expressions for details.
If a relative path is specified, the default outbox is used.
Macro variables are supported. See Using macro variables (Source File context) for applicable macros.
If the path contains a space, dash (-), comma (,), or equals sign (=), it must be enclosed in double quotes ("...").

Note: The PUT command wizard displays an optional mpc parameter. This parameter is reserved for future use and is not currently used.

GET

The GET command causes an AS4 Pull Request to be issued to the trading partner. The Pull Request synchronously returns one User Message, which may contain one or more payloads. Generally, the oldest payload on the trading partner's queue is returned.

GET

The GET command has no options because it always requests just a single User Message. There is an optional mpc parameter, however, that can be used to target a specific message partition channel. This value must match the PMode.BusinessInfo.MPC setting of your trading partner. When the mpc parameter is not specified, then PMode.Security.PModeAuthorize must be used to authenticate the request.

After the GET completes successfully, the source file is deleted by the trading partner.

Received file options, under AS4 Host > AS4 Tab, can be used to configure any special destination parameters for all received files, both solicited (through a GET command) and unsolicited (through a User Message push from the trading partner). See AS4 Host: AS4 Tab.

SET

Change an action property value. The new value only affects the commands that follow the SET.

SET property=value

Option / Parameter Details

property = value

Specifies an action property and the value to assign to it.

The property name must not contain embedded spaces.
The specified value remains in effect until it is set again or until the end of the action.
To reset a property back to its default value (host-level or system-level), use one of the following forms:
```
SET property
```
or
```
SET property=
```
To clear a string property entirely, use the CLEAR command.

CLEAR

Clear an action property string value. The cleared value only affects the commands that follow the CLEAR.

CLEAR property

Option / Parameter	Details
`property`	Specifies an action property name. The property name must not contain embedded spaces.

SYSTEM

Execute a local system command.

SYSTEM "path"

Option / Parameter Details

"path"

Specifies the local command path, including any arguments.

If you specify a relative path or no path, the command uses the Cleo Harmony, Cleo VLTrader, or Cleo LexiCom home directory.
For more information, see Using operating system commands in actions .

WAIT

Pause execution.

WAIT seconds

Option / Parameter	Details
`Seconds`	Specifies the number of seconds to pause.

LCOPY

Copy one or more files locally.

LCOPY –DEL -REC {–UNI|–APE} {-ZIP|-UNZ} "source" "destination"

Option / Parameter	Details
-DEL	If the command is successful, delete the local file.
-REC	Recursively search all subdirectories. You cannot use this option with the `-UNZ` option.
-UNI	Ensure the copied filename is unique.
-APE	Append copied file to existing destination file.
-ZIP	Zip all the files into one or more ZIP archive files, depending on the destination specified. Specify ZIP comment and compression level through Zip Comment and Zip Compression Level properties. See Setting advanced host properties . The ZIP archive files created through the LCOPY command conform to the standard ZIP file format. Visit http://docs.oracle.com/javase/6/docs/api/java/util/zip/package-summary.html . The ZIP file format should not be confused with other popular file compression/archive formats such as GZIP, TAR, RAR, etc. The LCOPY command works only with ZIP‑formatted files. In addition to the VersaLexCleo HarmonyCleo VLTraderCleo LexiCom application, there are many other software packages that can read/write ZIP‑formatted files, for example, WinZip (Windows), File Roller (Linux), PKZIP and Info‑ZIP (Windows/Linux/other Unix). In addition to standard ZIP‑formatted archives, the VersaLexCleo HarmonyCleo VLTraderCleo LexiCom application also supports password‑based AES‑encrypted ZIP files (128‑bit, 192‑bit, and 256‑bit). See Cryptographic Services .
-UNZ	Unzip the source file(s). All source files must be ZIP archive files. You cannot use this option with the `-REC` option. Use ZIP entry paths if Unzip Use Path is set. See Setting advanced host properties . The ZIP archive files created through the LCOPY command conform to the standard ZIP file format (reference http://docs.oracle.com/javase/6/docs/api/java/util/zip/package-summary.html ). The ZIP file format should not be confused with other popular file compression/archive formats such as GZIP, TAR, RAR, etc. The LCOPY command works only with ZIP‑formatted files. In addition to the VersaLexCleo HarmonyCleo VLTraderCleo LexiCom application, there are many other software packages that can read/write ZIP‑formatted files, for example, WinZip (Windows), File Roller (Linux), PKZIP and Info‑ZIP (Windows/Linux/other Unix). In addition to standard ZIP‑formatted archives, the VersaLexCleo HarmonyCleo VLTraderCleo LexiCom application also supports password‑based AES‑encrypted ZIP files (128‑bit, 192‑bit, and 256‑bit). See Encryption of Zip Files for more information on this capability.
"<var class="keyword varname">source</var>"	Source path Path can be to a filename or to a directory You can use `*` and `?`, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information. If you specify a relative path, the command uses the default inbox. You can use macro variables. See Using macro variables (Source File context) for a list of the applicable macros. If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
"<var class="keyword varname">destination</var>"	Destination path. Path can be to a filename or to a directory. If you specify a relative path, the command uses the default inbox. You can use macro variables. See Using macro variables (Source File context) for a list of the applicable macros. You can use a single `` within the destination path. In this context, it is not a wildcard. Rather, it is used to substitute a source file name or a source subdirectory name. When `` is used in conjunction with both the `-REC` and `-ZIP` options, and `Zip Subdirectories Into Individual Zip Files` is enabled, then `` is substituted with each first‑level subdirectory name. When `` is not used for bundling zipped subdirectories, it is used as a shortcut for the `%sourcefilename%` or `%srcfilename%` macro. Only one `*` is allowed in the destination path. See Setting advanced host properties . When copying a file without the `-APE` option, or when copying a file with the `-APE` option where the destination file does not already exist, a temporary file name is used while the copy operation is taking place. This temporary file is placed in the destination directory. Its name begins with the product name and ends with .tmp. Once the copy completes successfully, the temporary file is renamed to the destination name. If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

LDELETE

Delete one or more files locally.

LDELETE "source"

Option / Parameter Details

"source"

Source path.

Path can be a filename or a directory.
You can use * and ?, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information.
If you specify a relative path, the command uses the default inbox.
Use of macro variables is supported. See Using macro variables (Source File context) for a list of the applicable macros.
If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

LREPLACE

Replace bytes in one or more files locally.

LREPLACE "source" Replace="input bytes" With="output bytes"

Option / Parameter Details

"source"

Source path.

Path can be to a filename or to a directory.
You can use * and ?, or a regular expression when you specify a filename. See Using wildcards and regular expressions for additional information.
If you specify a relative path, the command uses the default inbox.
You can use macro variables. See Using macro variables (Source File context) for a list of the applicable macros.
If the path contains a space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

"input bytes"

List of bytes to be replaced.

Comma separated list of byte values (0-255).
All bytes in comma-separated list must be found in the file in listed sequence in order to be replaced.

"output bytes"

List of bytes to be substituted for original input bytes.

Comma separated list of byte values (0-255).
If With parameter is omitted, then the input bytes are deleted from the file.

CHECK

See CHECK command for information about this advanced command.

SCRIPT

See to SCRIPT command for information about this advanced command.

AS4 Comment

# text...

Lines in the action starting with a # character are considered comments and will be ignored when the action executes. Lines starting with # are generally used for documentation purposes.

AS4 Configuration

AS4 Host configuration

AS4 Mailbox configuration

AS4 Action configuration

AS4 Command Reference

Comments

Contact Us

Email Us

Support Links

AS4 Configuration

AS4 Host configuration

AS4 Mailbox configuration

AS4 Action configuration

AS4 Command Reference

Related articles