Peppol France PoC Release Discussion Channel #622
Replies: 2 comments 1 reply
-
|
Root certificate - "Peppol_POC_Root_TEST_CA.cer" and Intermediate certificate - "Peppol_FRPOC_AP_TEST_CA.cer" are included in the release Artifacts/Assets: https://github.com/OxalisCommunity/oxalis/releases/tag/v6.0.0-RC3 |
Beta Was this translation helpful? Give feedback.
-
|
Hi, For Oxalis 6.0.0-RC3 release version, support for Peppol France POC added. If its not mandatory then can we ignore these certificate related part without any changes in Oxalis.conf and proceed with release Oxalis 6.0.0-RC3. Regards, |
Beta Was this translation helpful? Give feedback.
-
|
Yes, you can ignore these. |
Beta Was this translation helpful? Give feedback.
-
Oxalis Community released Oxalis 6.0.0-RC3 and Oxalis-AS4 6.0.0-RC3 Release to support Peppol France PoC
This version of Oxalis use java 11 as baseline.
Before configuring "oxalis.conf", make sure that you received certificate zip from OpenPeppol Service desk after registration. Add PoC Certificate details in "oxalis.conf" (Keep rest of configuration "as-is" or as per your requirement):
oxalis.keystore {
path="PFR00000X.p12"
password = ""
key.alias = pfr00000X
key.password = ""
For the French PoC, OpenPeppol used self-signed CA "root" & "intermediate" certificates.
To make sure that Java Trust those certificates, you need to add certificate in java cacerts. You can extract "Peppol_POC_Root_TEST_CA.cer" and "Peppol_FRPOC_AP_TEST_CA.cer" from "ca-chain.cert.pem" which is available in cert ZIP which you received via email from OpenPeppol Service Desk. You also have to extract public key of your certificate which you received (available in format as PFR00000X.p12, X is placeholder).
You can use keytool to add POC "root" & "intermediate" certificates in cacerts (adjust it according to your requirement or you can use alternative way as well) :
keytool -import -noprompt -trustcacerts -alias Peppol_POC_Root_TEST_CA -file Peppol_POC_Root_TEST_CA.cer -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit
keytool -import -noprompt -trustcacerts -alias Peppol_FRPOC_AP_TEST_CA -file Peppol_FRPOC_AP_TEST_CA.cer -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit
keytool -import -noprompt -trustcacerts -alias PFR00000X -file PFR00000X.cer -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit
Replace "PFR00000X" with your certificate seat number. Replace "changeit" password if you are using different java keystore password.
In order to ensure/verify that certificates added correctly inside java "cacerts" run below command and search for alias (Peppol_POC_Root_TEST_CA , Peppol_FRPOC_AP_TEST_CA , PFR00000X ):
keytool -list -v -keystore "%JAVA_HOME%/lib/security/cacerts" -storepass changeit | grep "Alias name|Valid from:"
If you have any question, please use this discussion channel to ask
Beta Was this translation helpful? Give feedback.
All reactions