Sage XRT Business Exchange 12.4.200

General

Alliance Lite2

PTCSwiftRA.dll module supports the interface of Swift Alliance Lite2.

System Administration

System Administration - File Transfer Service - Protocol Device - Swift RA

The [1] Swift Alliance Lite 2 value must be selected for the Swift Device Profile variable (Key Name).

The parameters for Alliance Lite2 start with SAL2.

The setup wizard enables you to specify values.

In SAL2 Parameters tab, specify the URL provided, as well as your username and password.

The supported protocols are: SFTP, FTP, HTTP, HTTPS and file sharing.

The Spooler SAL2 tab specifies the storage directory.

In the Alerts tab, specify the service used for the acknowledgment delivery.

The three following variables can be added:

SAL2 Lau Key: LAU key provided.
SAL2 Url SSH Pvk: Authentication key file for SSH client and SFTP connection.
SAL2 Url SSL Certificate: File X509 Certificate for client and HTTPS connection.

Swift FTI is obsolete, all parameters have been deleted.

Contract Manager

Contract Manager - SwifNet Requestor

These setup tabs are the same as the setup tabs for RAHA.

FileAct Write direction

FileAct Read direction

FIN Write direction

For FIN, blocks 1 and 2 must be included into the file to be transmitted.

FIN Read direction

Protection for Session Cookie

Activate the AES-256 encryption of the session cookie by clicking Generate protection for session cookie in the Miscellaneous Parameters tab of the master site.

You must restart the transaction service and IIS site to complete the activation process.

Utimaco Support

You can now use Utimaco (HSMBOX) to ensure the secure storage of the key pairs used for the secure connections (SSL/TLS type) and transaction and order signatures.

The screenshot below illustrates the setup for this device.

Warning: Do not use this setup without Umatico CryptoServer.

Support of Elliptic Curve Protocols

The SFTP server is now compatible with Elliptic Curve Algorithms for the connection process.

Certificates Check

Certificates can be checked through their hash in all the Sage XRT Business Exchange modules. The hash ensures the identification of valid certificates.

Example for SFTP Requestor Contracts:

Maintenance Mode

System Administration - World Wide Web Publication Service - Online Banking

In the Parameters tab, the option Put the site in maintenance mode except for the following addresses suspends the site activity and notifies users that Online Banking site is in maintenance.

The site suspension has no impact on the specified IP Addresses and Domain Names (separated by a semicolon).

LAN and WAN SCAS URL

System Administration - Master

In the SCS Authentication tab, the Control URL for SCAS token field enables you to specify an internal address. If there is no access to the Internet on the station where Sage XRT Business Exchange is installed, this internal address replaces the external one for the token verification.

VFS Files

Service Manager - Resources - Files

The Original Physical File Name column contains:

the name of the file received in Recipient Requester mode for CopyFile, External, FTP, and SFTP protocols
the name of the file received in Recipient Server mode for FTP and SFTP protocols

SSL Server Certificates and Configuration

System Administration

The Production Rest Service (P5RAPI) and the TCPIP network device of the file transfer can use the station definition: IP address/port number and a station certificate.

Use the command Netsh http show sslcert to display the configurations.

If no certificate is defined for the station configuration, the RAPI service creates its own self-signed certificate.

Management of Received Files

For all protocols and the requestor recipient contracts, the files received within an archive can be automatically unzipped.

The files are then available as contained in the archive. If the archive includes several files, then they are concatenated in one single physical file for VFS.

Arguments

In the program, path or arguments fields (processing of pre/post-transfer exits, processing of signature, interfaces, scheduler actions, connection exit, etc.) and executable or script processing, the following arguments (in the table) are available.

List of arguments

Variable	Correspondence
%$Y4	YYYY
%$Y2	YY
%$Y1	To
%$M2	MM
%$D2	DD
%$QT	Day number
%$h2	HH
%$m2	MM
%$s2	SS
%$ms	Milliseconds (3 characters from 000 to 999)
%$tc	TICKCOUNT (Number of milliseconds since the OS was started)
%#SITE	Site
%#HOST	Host
%XXX%	Support of variables for the current user account For the processing (exits, etc.), %temp% folder can be set up in the arguments name to generate the files into the temporary folder of the user account.

Example of setup for Resource Name:

The alias for file prepfile.exe file can be forced to name_of_file_20201126-094236, which provides the client with a time-stamped file.

Utilities

Ctl.exe and ctllcr.exe

The /SCRLF option enables the removal of CRLF from files on executables Ctl.exe and Ctllcr.exe.

Audit and Prepfile

/R parameter (external reference) is available for executables Audit.exe andPrepfile.exe.

Ctl Executables

For Ctl* executables, to differentiate the station on which the file is to be available from the one to which the notification is to be sent, /computer parameter must be used in the following way:

/Computer:A;B

A corresponds to the station on which the file is available.

B corresponds to the station to which the notification is sent.

In ExpVps.exe, /IA[D] variable is added to import Swift and Banque de France directories in command line.

[D] enables the reset of directories.

P5WCERT

The P5WCERT utility is used to manage X509 certificates. Here are the new improvements:

Multi-filter utility which increases /FILTER parameter (maximum 10 filters)
Expiry Date added to /CEBREPORT command
Distinction between transport and signatory EBICS identities within /CEBREPORT command

Command List

Usage: P5WCERT [/P: {/N:\|/A:} /TH: /TO: /CC: /CI: {/VAL: \| /EXP: \| /IMP: \| /DEL:{$TEST} \| /DBEXP: \| /DBIMP: \| /DBDEL: \| /CEBREPORT:{$NOTUSED\|$TPONLY\|$SIONLY} \| /CEBDELETE:{$TEST} \| /CEBRENEW:{$TEST}} {/PFXPWD: \| /PFXSID:} /FILTER: /UID: /PWD: /SERVER: /COMPUTER:]
/EXP	Export to directory
/IMP	Import from directory
/VAL	Expired Certificate List
/DEBEXP	Disposal of certificates from the safe
/DBIMP	Import of certificates from the safe
/DBDEL	Export of certificates to the safe
/CEBREPORT	List of certificates, info on the use of EBICS identities {$NOTUSED\|$TPONLY\|$SIONLY}
/CEBDELETE	Disposal of not used certificates in an EBICS identity {$TEST} can perform destructive test
/CEBRENEW	Renewal of expired certificates for EBICS identities {$TEST} can perform destructive test Or/and {$NOTESTEXISTINPDS} can exclude the certificates which are present in signature
/DEL	Certificate destruction {$TEST} can perform destructive test
/P	Entity Name (mandatory with /N)
N	Notification Alias (mandatory with /P)
/TH	Threshold
/A	Recipient List
/CC	Cc Recipients List
/C	Ci Recipient List
/PFXPWD	Password for pfx files
/PFXSID	Active Directory Protection Rules for pfx files
/FILTER	Common Name Filter
/UID	User Account
/PWD	Password associated with the user account
/SERVER	Site name
/COMPUTER	Computer name

Import and export processings are tracked in the Event Log of SXBE Monitor.

Receive Campaign

System Administration - Automatic Receiving Service - Receive Campaign

Relaunch every time option enables you to relaunch several times a day the receiving of the flows selected within the campaign.

100-Year Validity

Contract Manager - Requestor Contracts

All new contracts have a 100-year validity.

Replaying Exits

Monitor - Transfer History

You can now replay all the pre/post-transfer exits.

Two new tabs are available: Pre-transfer Exits and Post-transfer Exits.

You need to select the lines you want to replay.

Associating Binaries Control with Integrity Option

System Administration - Master - Data Protection

To ease patches application, the control over binaries is not automatic.

To activate it, select Force code signature verification at execution in the data protection setup.

PowerShell Support: SXBE Object Model Display

You can execute scripts set up in PowerShell.

In the Script Engine field for processes, specify powshell.

Implementing Keep-Alive

System Administration - Transfer Service - Network Device

For big files on TCPIP transfers, you can apply the Keep Alive principle to prevent the connection with the distant host from closing.

For this setup, two new variables are available on the TCPIP network interface of P5CCOM:

Keep Alive TimeOut, in seconds (1 second by default)
Keep Alive Interval, in seconds (7200 seconds by default)

Both variables are also available on the Proxy Server.

Signature

Validation Code

You can now create yourself your Validation Code to complete validations.

Once you defined it, you can also reset it without the administrator intervention by clicking the link: Validation Code Forgotten?

Display Preferences

You can specify your own display preferences. They are saved in your profile whatever the station or the browser used.

Adding Files

Depending on your rights, you can add 1 to n files. In Signature Cycle Information, the icons are activated showing the menu your files reached.

The Signature menu displays various elements depending on your rights.

You can view the Signature Cycle of your files. In the fictitious example below, the file has been validated by Hélène Delacroix and is pending for signature.

The Additional Information tab displays all the other details of the file.

Finally, the third tab, Remittances, provides information on the remittances.

Setting up Columns

You can display the columns in a customized order for every page you have access to, by clicking the configuration icon .

The columns may also be moved directly from the grid.

You can select criteria for your search and create your own display template using the save icon .

Bank Statements

Transaction Statements

For CAMT054 and AFB240 formats, Bank Statements enables you to view:

Transaction Statements received by bank and by account
Transactions that can be grouped by type
History of the statements received by bank and by account

Transactions Statements can be imported, exported, audited, and purged like all statements.

Status Reports

For Pain 002 (Payment Status Report) format, Bank Statements enables you to view:

File statuses received by bank and by account
Remittance statuses received by bank and by account
Transaction statuses received by bank and by account
History of the statements received by bank and by account

Status Reports can be imported, exported, audited, and purged like all statements.

Web Administration

Four-Eye Rule

Version 12.4.200 of Sage XRT Business Exchange includes the management of "Four Eyes" principle for setting up the menus.

This feature enables the validation of two different operators for the addition, deletion, and modification of setup elements.

Whatever your profile, you can check if there are modifications pending for validation with the icon at the top right of the screen (the number specifies how many modifications are pending).

A green banner at the bottom of the window notifies the user who modifies the element that their modification request has been saved and is now pending for validation.
For the user who validates, the modified elements are displayed in green.

For more details on the "Four Eyes" principle, see the help topics relating to Web Administration.

Payments

Evolution of GPI Statuses

UETR (Unique End to End Transaction Reference) enables you to follow the execution cycle of the transaction up to the end of the workflow, i.e. to the beneficiary's credit.

So, in the payment transaction history, the Status Origin completes the status.

This type of follow-up is available for formats MT199 GPI and Pain 002 as of version 11.