- 最新
- 投票最多
- 评论最多
Hello,
A 400 error could be returned from the endpoint if a valid AS2 message is not received. It is possible that the AS2-From and AS2-To headers do not match the values for an agreement associated with the server. The AS2-From header should match the AS2 ID in the partner profile, whereas the AS2-To header should match the AS2 ID in the local profile. Could you confirm if this is not the case?
Also, do check that the agreement has an access role with permission to read and write from the S3 bucket and that the role’s trust policy allows the transfer service to assume the role as described here [1].
Further, if the server has a logging role configured, check whether the server's CloudWatch Logs contain any AS2 message logs. If the logs do not contain the reason for the failure, do raise a support case providing the AS2 Message ID and VPC Endpoint ID so that the Support team can check for the exact reason why the message is not being accepted by the endpoint.
Also, to your question, as you correctly pointed out, signing-cert.pem and encryption-cert.pem from the example are both the public certificates which are shared with the trading partner. signing-key.pem and encryption-key.pem should not be shared with the trading partner.
References:
[1] https://docs.aws.amazon.com/transfer/latest/userguide/requirements-roles.html.
-- Sagar
相关内容
AWS 官方已更新 3 年前- AWS 官方已更新 5 个月前
- AWS 官方已更新 3 年前
