GISB Connector
Version 23.4.8839
Version 23.4.8839
GISB Connector
GISB connectors support sending and receiving messages via the GISB protocol.
Overview
A GISB connection is configured in two places. Configure the GISB Profiles page with a local GISB identifier, personal key, and other information that is global across all GISB connections. Then configure individual GISB connectors with connection settings specific to a single trading partner. When a GISB connector processes an input file, it is packaged and sent to the specified trading partner.
When CData Arc receives a file over GISB, it attempts to route the file to a specific GISB connector. The application uses the GISB identifiers in the message to determine which GISB connector should receive the file. When a file is routed to a GISB connector, that file is placed on the connector’s Output tab, or is passed along to the next connector in the flow.
Profile Configuration
The GISB profile must be configured before connections can be established with individual GISB connectors. Click Profiles > GISB on the top menu bar.
GISB Profile Tab
Personal Id
Settings for identifying the local profile.
- GISB Identifier Your GISB identifier. Messages sent by Arc include this value as the
GISB-From
header. Incoming messages must have this value as theGISB-To
header to be successfully received. GISB Identifiers are case-sensitive.
Personal Key
Settings related to the private decryption and signature certificate.
- Secret Key The key that is used to decrypt incoming messages and sign outgoing messages.
- Passphrase The password required to access the local secret key.
Application URLs
Settings and displayed values related to accessing Arc from the public web.
- Receiving URL The URL at which Arc listens for incoming GISB messages. Share this URL with all your trading partners.
Miscellaneous
Miscellaneous settings are for specific use cases.
- Other Settings Enables you to configure hidden connector settings in a semicolon-separated list (for example,
setting1=value1;setting2=value2
). Normal connector use cases and functionality should not require the use of these settings.
Connector Configuration
This section contains all of the configurable connector properties.
Settings Tab
Trading Partner Info
Settings for identifying and connecting to a specific trading partner.
- Connector Id The static, unique identifier for the connector.
- Connector Type Displays the connector name and a description of what it does.
- Connector Description An optional field to provide a free-form description of the connector and its role in the flow.
- GISB Identifier The identifier specific to the target trading partner. This value is included in outgoing messages, and it is also used to route incoming messages to the appropriate GISB connector.
- Partner URL The trading partner’s public endpoint where outgoing messages should be sent.
- GISB Version The protocol version of the GISB client.
Connection Info
Settings related to connection parameters for the specified trading partner.
- Send Message Security Whether to sign and/or encrypt outgoing messages. CData strongly recommends that you use signatures and encryption.
- Receive Message Security Whether to require that signatures and encryption are present for incoming messages. An error is thrown if a received message does not have a required security parameter.
- Client Timeout The length of time (in seconds) the connector waits for a connection response before throwing a timeout error.
Receipts
Settings related to sending and requesting message receipts.
- Security Whether receipts should include a signature block verifying the message integrity and identity of the recipient.
Trading Partner Keys/Certificates
Settings related to the public certificates provided by the trading partner.
- Recipient Key Certificate The public key used for encryption and signature verification. Use the Import Key button, then browse to the key to import.
- TLS Server Certificate The public certificate used to verify the identity of a TLS/SSL server. This is only necessary if the partner’s GISB system requires HTTPS instead of HTTP. If the trading partner does not provide a TLS server certificate, you can leave this setting blank to allow the underlying OS/JVM to perform certificate validation, or set it to
Any Certificate
to unconditionally trust the target server’s identity.
Automation Tab
Automation Settings
Settings related to the automatic processing of files by the connector.
- Send Whether files arriving at the connector are automatically sent as GISB messages.
- Retry Interval The amount of time before a failed send is retried. A retry is triggered when the server does not respond to a send attempt, or responds negatively to communicate that the file was not received.
- Max Attempts The maximum number of times the connector processes the input file. Success is based on a successful server acknowledgement and validation of the receipt (when requested synchronously). If this is set to 0, the connector retries the file indefinitely.
Performance
Settings related to the allocation of resources to the connector.
- Max Workers The maximum number of worker threads consumed from the threadpool to process files on this connector. If set, this overrides the default setting on the Settings > Automation page.
- Max Files The maximum number of files sent by each thread assigned to the connector. If set, this overrides the default setting on the Settings > Automation page.
Alerts Tab
Settings related to configuring alerts and Service Level Agreements (SLAs).
Connector Email Settings
Before you can execute SLAs, you need to set up email alerts for notifications. Clicking Configure Alerts opens a new browser window to the Settings page where you can set up system-wide alerts. See Alerts for more information.
Service Level Agreement (SLA) Settings
SLAs enable you to configure the volume you expect connectors in your flow to send or receive, and to set the time frame in which you expect that volume to be met. CData Arc sends emails to warn the user when an SLA is not met, and marks the SLA as At Risk, which means that if the SLA is not met soon, it will be marked as Violated. This gives the user an opportunity to step in and determine the reasons the SLA is not being met, and to take appropriate actions. If the SLA is still not met at the end of the at-risk time period, the SLA is marked as violated, and the user is notified again.
To define an SLA, click Add Expected Volume Criteria.
- If your connector has separate send and receive actions, use the radio buttons to specify which direction the SLA pertains to.
- Set Expect at least to the minimum number of transactions (the volume) you expect to be processed, then use the Every fields to specify the time frame.
- By default, the SLA is in effect every day. To change that, uncheck Everyday then check the boxes for the days of the week you want.
- Use And set status to ‘At Risk’ to indicate when the SLA should be marked as at risk.
- By default, notifications are not sent until an SLA is in violation. To change that, check Send an ‘At Risk’ notification.
The following example shows an SLA configured for a connector that expects to receive 1000 files every day Monday-Friday. An at-risk notification is sent 1 hour before the end of the time period if the 1000 files have not been received.
Advanced Tab
Alternate Local Profile
Settings that override the GISB configuration on the Profiles page for this specific GISB connector. Setting an alternate local profile allows the use of different local keys and identifiers for individual trading partners.
- Local GISB Identifier Your GISB identifier.
- Secret Key The key that is used to decrypt incoming messages and sign outgoing messages.
- Passphrase The password required to access the local secret key.
TLS Client Authentication
Settings related to client authentication when two-way TLS authentication is required.
- Private Certificate The private certificate presented during TLS client authentication.
- Certificate Password The password required to access the TLS client certificate.
HTTP Authentication
Settings related to HTTP client authentication.
- HTTP Authentication Whether to use client HTTP authentication.
- HTTP Authentication Type Whether to provide HTTP authentication credentials in an encrypted format (Digest) or in plain text (Basic). Only use Basic authentication if the the connection is an HTTPS connection (instead of HTTP).
- User The user credential for HTTP client authentication.
- Password The password credential for HTTP client authentication.
Proxy Settings
These are a collection of settings that identify and authenticate to the proxy through which the GISB connection should be routed. By default, this section uses the global settings on the Settings Page. Clear the checkbox to supply settings specific to your connector.
- Proxy Type The protocol used by a proxy-based firewall.
- Proxy Host The name or IP address of a proxy-based firewall.
- Proxy Port The TCP port for a proxy-based firewall.
- Proxy User The user name to use to authenticate with a proxy-based firewall.
- Proxy Password A password used to authenticate to a proxy-based firewall.
- Authentication Scheme Leave the default None or choose from one of the following authentication schemes: Basic, Digest, Proprietary, or NTLM.
Advanced Settings
Settings not included in the previous categories.
- Compression Method The algorithm to use when compressing outgoing payloads.
- EDI Type The type of EDI message to use. The default is X12.
- Encrypting Algorithm The algorithm to use when encrypting outgoing messages.
- Fold Headers Check this to have the connector fold the headers if the headers are over a certain length.
- Packet Type Check this to have the connector read the features from the Recipient Key Certificate to determine if the older packet type is required. If the key requires the older packet type, it is used.
- Processing Delay The amount of time (in seconds) by which the processing of files placed in the Input folder is delayed. This is a legacy setting. Best practice is to use a File connector to manage local file systems instead of this setting.
- Sign and Encrypt Check this to have the connector perform signing and encryption in the same step.
- Signing Algorithm The algorithm to use when signing outgoing messages.
- TLS Enabled Protocols The list of TLS/SSL protocols supported when establishing outgoing connections. Best practice is to only use TLS protocols. Some obsolete operating systems do not support TLS 1.2.
- Temp File Check this to have the connector write data to be processed to a temp file, then move the temp file into processing after it has been fully written.
Message
Message settings determine how the connector searches for messages and manages them after processing. You can save messages to your Sent folder or you can group them based on a Sent folder scheme, as described below.
- Save to Sent Folder A toggle that instructs the connector to keep a copy of sent messages in the Sent folder.
- Sent Folder Scheme Instructs the connector to group files in the Sent folder according to the selected interval. For example, the Weekly option instructs the connector to create a new subfolder each week and store all sent files for the week in that folder. The blank setting instructs the connector to save all files directly in the Sent folder. For connectors that process many transactions, using subfolders can help keep files organized and improve performance.
Logging
Settings that govern the creation and storage of logs.
- Log Level The verbosity of logs generated by the connector. When you request support, set this to Debug.
- Log Subfolder Scheme Instructs the connector to group files in the Logs folder according to the selected interval. For example, the Weekly option instructs the connector to create a new subfolder each week and store all logs for the week in that folder. The blank setting tells the connector to save all logs directly in the Logs folder. For connectors that process many transactions, using subfolders helps keep logs organized and improves performance.
- Log Messages Check this to have the log entry for a processed file include a copy of the file itself. If you disable this, you might not be able to download a copy of the file from the Input or Output tabs.
Miscellaneous
Miscellaneous settings are for specific use cases.
- Other Settings Enables you to configure hidden connector settings in a semicolon-separated list (for example,
setting1=value1;setting2=value2
). Normal connector use cases and functionality should not require the use of these settings.
Partner Setup
Trading partners must share the connection details that are required when configuring a new GISB connector. At a minimum, these details must include:
- GISB Identifier
- Partner URL
- Recipient Key Certificate
Send and Receive Files
Once the GISB profile and partner-specific GISB connectors are configured, files can be securely sent and received.
Send Files
In a GISB connector, the Input tab displays the files to be sent to the target trading partner. If Send is enabled on the Automation tab, files that reach the Input tab of the connector are automatically packaged and sent. Access the log files for all transmissions by expanding the row associated with the transmitted file.
The Create Test Files button lets you generate a simple series of test files to send to the trading partner.
Receive Files
In a GISB connector, the Output tab displays the files that have been received by the application and routed to the connector (based on the GISB identifiers present in the incoming GISB message). Expand each file row to display a list of available logs for the transmission.
These files are available on the connector Output tab. If the connector is connected to other connectors in the flow, files are automatically moved from the Output tab of the GISB connector to the Input tab of the next connector in the flow.