Skip to Content
Author's profile photo Karsten Möhwald

How To: OPI2 AS2 Adapter Test Scenarios

The OPI2 AS2 adapter enables SAP NetWeaver PI to transfer messages based on the standardized AS2 protocol.

The adapter is part of the OPI2 open source project for SAP NetWeaver PI. It is available on sourceforge in different versions ( There you can also find detailed documentation that describes – among other things – the deployment of the adapter.

This how-to document (available also as PDF) is a step-by-step guide that shows how to use the OPI2 AS2 adapter based on two example scenarios. As partner system we use the mendelson AS2 server.

Sample Scenarios:

1. mendelson to PI (AS2 sender channel)

Please notice that the AS2-sender-channel automaticly sends back a “Message Delivery Notification” (MDN) to mendelson. (synchronous)

2. PI to mendelson (AS2 receiver channel)

Notice that mendelson sends back a MDN synchronously. This MDN has to be converted to an asynchronous message in order to save it to a file (via file receiver channel). Therefore we will use the adapter-module “ResponseOnewayBean” that acts as a synch-asynch bridge.


We will use the mendelson AS2 server as external system. For encryption and signature we will create keys and certificates that will be imported to mendelson and PI.


  1. Install “mendelson AS2 server”

  2. Generate keys and certificates

  3. Import generated keys and certificates into Mendelson and PI

  4. Configuration of Mendelson

  5. Configuration of PI

  6. Send test messages

1. Install “mendelson AS2 server”

The mendelson AS2 Server can be downloaded at To start the installation run the file „install_mendelson_opensource_as2_1.1b37.exe“ and follow the instructions.

For a first test you can start mendelson AS2 server and run following URL in your webbrowser:



You should see the mendelson release and the message „You have performed an HTTP GET on this URL“.

2. Generate Keys and Certificates

The keys and certificates can be generated with Portecle. You can find Portecle on Just use the launch button to start the programm.

For both parties we have to take following steps:

  1. generate keystore
  2. generate keypair inside the keystore
  3. export certificate from the keypair (.cer file)

Remark: You can also generate the keys directly inside NWA. Here we will describe the creation of the keys using Portecle. Later we will import those keys into NWA.

We choosed following names:



keystore (filename)



keypair inside the keystore (alias)



exported certificate (filename)



Steps for mendelson keys/certificates

Generate keystore: File -> New Keystore


choose PKCS #12 and confirm with OK

Generate Keypair: Tools -> Generate Keypair


Export certificate: right-click the keypair -> Export


Keep configuration and save certificate (filename mendelson-as2-cer.cer)

Save keystore: File -> Save As (filename certificates.p12, choose password)

You have to repeat the steps to generate PI keystore, PI keypair and PI certificate.

3. Import Generated Keys and Certificates into Mendelson and PI


The mendelson AS2 Server uses a keystore file certificates.p12 in the installation directory of mendelson. This keystore must contain the private key of mendelson and the certificate of PI.

  • The keystore certificates.p12 we created already contains the private key of mendelson, so we just have to add the certificate of PI:
    • Open the keystore certificates.p12 using Portecle
    • Tools -> Import Trusted Certificate -> choose the certificate TPI-as2-cer.cer we created before
    • confirm and save the keystore
  • Now we have to replace the file certificates.p12 in mendelson installation directory with the certificates.p12 we created.
  • The last step is to maintain the password of our keystore certificates.p12 in mendelson
    • start mendelson
    • File -> Preferences -> Security Tab -> Keystore password (encryption/signature)



In PI the keys and certificates are maintained in the NWA. There we will need the private key of PI and the certificate of mendelson.

  • create a new view:
    • NWA -> Configuration -> Security -> Certificates and Keys
    • Add View
    • choose the new view
  • add private key of PI:
    • choose import Entry within the view we just created
    • Type: PKCS#12 Key Pair
    • choose file (TPI-as2-keystore), type in your password
  • add certificate of mendelson
    • choose import Entry within the view we just created
    • Type: X.509 Certificate
    • choose file (mendelson-as2-cer.cer), confirm

4. Configuration of Mendelson AS2 server

Start mendelson AS2 Server, klick Partner and add two parties:



The checked box Local station specifies that this party represents the mendelson AS2 Server itself. We need to maintain a unique AS2 ID for each of our AS2 partners. We will have to maintain the same AS2 IDs later when we create the Parties inside PI.


We use the same private key (of mendelson) for both decryption and signature creation.


The MDN URL is used when we send messages out of mendelson. It specifies where the receiver system should send the MDN to.



This Party represents an external system (PI).


We use the same certificate (of PI) for both encryption and signature validation.


To send the AS2 Message to PI AS2 adapter you have to use following Receipt URL:

PI 7.3x



older releases



for our case we have





At the moment the OPI2 AS2 Adapter supports only synchronous MDNs. We request a signed MDN.

The values of the other tabs can be kept on default.

5. Configuration of PI

For both Scenarios

Create a Party and a Business Component for both mendelson and PI. Choose the Service Interfaces you want to use.




Remark: The values under Agency and Scheme are fix. Notice that for the key “AS2  ZZZ 117” there are two subsequent spaces in each case.

Business Component



Scenario 1 (mendelson to PI)



When you create the Integrated Configuration you have to maintain a Virtual Receiver because the AS2 message has the attributes To-Party and To-Service when it enters PI. (To-Service is specified in the Receipt URL of the mendelson partner configuration)


OPI2 AS2 Sender Channel (with keys and certificates)

Scenario 2 (PI to mendelson)


After sending the AS2 message to mendelson the MDN of mendelson is transformed to an asynchronous message using the Module “Response Oneway Bean” in the OPI2 AS2 receiver channel. This asynchronous message is processed by a second Integrated Configuration, which must use the receiver interface of the AS2 message to mendelson as sender interface. (Remark: since this is an inbound Interface, you cannot choose it using the value help. You have to type the name.) The SOAP sender channel we use is just a dummy to enable the creation of the Integrated Configuration.

Integrated Configuration for the message of PI to mendelson


Here we don’t need a Virtual Receiver.

Remark: For this scenario (AS2 inbound message / receiver channel) you can alternatively set the message header (sender party, sender component, receiver party, receiver component) in the tab Outbound Processing. You have to work this way if the real sender component of the message is not assigned to a party.


Integrated Configuration for the MDN of mendelson to PI


We need a Virtual Receiver again because the asynchronous message we get back after processing by the Response Oneway Bean has the attributes To-Party and To-Service.

OPI2 AS2 Receiver Channel (with keys and certificates)


Module Configuration of the OPI2 AS2 Receiver Channel


6. Sending Test Messages

mendelson to PI

Start the mendelson AS2 server, choose File -> Send file to partner and choose the sender, the receiver and the file you want to send.


After pushing Ok you should get the information that the message is successfully encrypted, signed and sent to the receiver and that a MDN is received successfully.


Also have a look at the message in Communication Channel Monitoring and Message Monitoring.

PI to mendelson

Put the file you want to send in the source directory of your file sender channel. As soon as the file is processed by PI you should see some informations in mendelson telling you that the message is successfully received and decrypted, the signature is verified successfully and a MDN is sent back synchrounously.


Also check in Message Monitoring that the MDN is successfully received and processed by PI.


Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member

      Thanks for this how-to Karsten.

      Just a quick note, a PDF version of every SCN document can be seen by using the "View as PDF" or just add ".pdf" at the end of the url



      Author's profile photo Avinash Ayanala
      Avinash Ayanala

      Hi Karsten,

      That was very informative i am search for the correct example on AS2 and you gave really good one thank's a lot dude.



      Author's profile photo Former Member
      Former Member

      Hi Karsten,

      nice and informative blog about OPI2, one of my client required this OPI2 for EDIFACT files can you please post the documentation how to install and how to deploy of OPI2 adapter and Edifact Conversion Module step by step process in PI. It would be helpful to me while implementation.

      Thanks in Advance.



      Author's profile photo Holger Himmelmann
      Holger Himmelmann

      Hi Raja,

      the documentation can be found via the central project website on sourceforge:

      Regards, Holger

      Author's profile photo Former Member
      Former Member

      Hi Holger,

      Thanks alot for quick response, i downloaded documents from sourceforge but i am so confused with that,i need step by step process like how to install and integrate opi2 adapter with PI 7.3. if you have implement on opi2 please guide me or post some documents related to OPI. Accordingly need to inform to my Basis Team, we all new to this OPI2 adapter.



      Author's profile photo Former Member
      Former Member

      Hi all,

      looking for implementation of OPI2 so please suggest me for which version its support

      PI 7.3 or PI 7.3 EHP1.