Building an eB2B endpoint

Owned by Michael Walther
Last updated: Nov 26, 2024
3 min read

The steps on how to build an eB2B endpoint are going to heavily depend on the software used for the Access Point (AP) and Service Metadata Publisher (SMP), as well as the integration into the overall infrastructure in your business, be that a message processing platform, invoicing application, ERP or Accounting system or anything in between.

The applicable specifications are the core of the “Enhanced B2B Solution Architecture” (see eB2B Starting Environment Documents) which references additional Supporting specifications.

General Approach: Start small, grow in steps

After receiving an eB2B Test certificate, the first functional milestone of the build will be to simply connect to another eB2B access point. This other AP can be either a partner or the OpenPeppol Testbed eB2B suite.

Then, the next step is to gradually extend the functionality of the AP and SMP used to cover more of the eB2B specific implementation rules.

First Milestone: Establish eB2B connectivity

Setup an (initial) eB2B Access Point (Test/SMK)

  • Software base: “regular” AP, e.g. phase4, Oxalis, Domibus or others

  • Needs to be configured with the “eB2B Test Certificate” for the AS4 layer

Note that the latter may require light modifications to the AP software to accept the CN.

The eB2B AP certificate is part of the Peppol PKI. A complete JKS truststore including all Peppol certificates can be found here: https://github.com/phax/peppol-commons/tree/master/peppol-commons/src/main/resources/truststore

Setup an SMP (Test/SMK) for use with eB2B

  • Software base: “regular” SMP, e.g. phOSS SMP or others

    • eB2B uses the plain “Peppol SMP” certificate, so it’s possible to use an existing SMP or setup a dedicated instance

    • Add the eB2B AP certificate to the configuration to be used in receiving service meta data

  • Needs to pick a relevant subset of, and then configure (as required):

    • Document / Process types per section 4.4 and 4.5 of the Solution Architecture (not part of theeDEC codelists (yet))

    • Particularly make sure to include “Message Level Status” (section 4.5.4)

    • End User Identifiers and Service Provider Identifiers per section 4.3 and 4.2 respectively

Run first Test scenarios (sending / receiving a test file)

  • Configure End Users in your eB2B SMP in SMK, using eB2B Process Type(s) and the eB2B AP certificate

  • Setup the corresponding (minimal?) receiving process

  • Send a test document (manually?)

  • Send an MLS response in the “opposite” direction (manually)

Milestone 2: Add mandatory functionality

Extend eB2B processing logic: Generate MLS

Automate the process of generating an MLS from an inbound document, depending on the overall design of your infrastructure:

  • Either, connect the AP to an internal processing platform capable of performing validation (schematron) and any other required checks, including validating connectivity to the C4 End User

  • Or, add these functions into the AP implementation

Depending on the outcome, the processing logic needs to generate a corresponding MLS message and send it to the original sender as indicated in the inbound SBD headers.

Extend eB2B SMP validation: Validate eB2B certificate and Process Type match

The Solution Architecture is built around the idea that the eB2B Process Types (with the corresponding Document Types) are used together with eB2B certificates only. Conversely, non-eb2b Process Types (e.g. from Post-Award domain) may not be used with eB2B certificates. These conditions can be validated on the receiving capabilities registered in the SMP used for the eB2B scenarios.

Extend the AP sender validation: Accept eB2B flows only from eB2B senders

The receiving AP needs to also validate that any connection request from a sending AP comes from an eB2B certified AP, if an eB2B Process Type is used. This is required to ensure that only valid senders participate in the eB2B choreographies. This can be tested by allowing only certificates issued by “PEPPOL EB2B ACCESS POINT CA - G2“ (Production).

Add shared document type (EN16931-eB2B Extension)

At a minimum, the EN16931-eB2B Extension should be supported.

Milestone 3 ff.: Add application-level components

Having completed the required functionality, the actual business processes need to be implemented in Message Flows. The choice and level of detail is heavily dependent on the target business scenario, including

  • Sending hybrid files using a network or point-to-point address

  • Sending EDIFACT files using a network or point-to-point address

  • Implement sender validation checks on network endpoints (to ensure controlled onboarding)

  • … and much more …