Frequently Asked Questions

Frequently Asked Questions

Below you will find answers to the most commonly asked questions about becoming a provider of a PEPPOL Access Point (AP) or an SMP (service metadata publisher). If you require an SMP only, go ahead an sign up for a free trial SMP account to find out how easy it is.

Do you have questions that are not listed below? Please get in contact with us.

QuestionWhy would we even consider having a PEPPOL Access Point (AP)?

Answer:

  • The possibility to reach many thousands of already connected business entities across Europe. As of January 2019 about 175.000 parties can receive electronic business documents through the PEPPOL network.
  • By having your own PEPPOL Access Point you don’t need to worry about establishing roaming agreements with other AP service providers. This is already taken care of by you (and them) signing the Transport Infrastructure Agreement which prohibits AP providers to charge for business documents exchanged with other APs. AP service providers are only allowed to charge their own customers, not other APs.
  • 1. How do we get our own PEPPOL Access Point?

    • Get in touch with us so we can talk about your requirements. When we have a signed contract the process can start. If you want the SMP service only, you don’t have to sign an agreement with PEPPOL and the actions listed below don’t apply.

      The mandatory testing process for new PEPPOL Access Points is not necessary if we operate yours. We have been granted a fasttrack by OpenPEPPOL enabling a super fast and smooth onboarding process. Make sure to mention that you intend to use the Access Point services of Galaxy Gateway hosted by Tickstar when you contact your PEPPOL Authority. 

      In general the process looks like this for you when signing up for the Access Point service:

      1. Join OpenPEPPOL, sign the Transport Infrastructure agreement (TIA) with a PEPPOL authority and pay the OpenPEPPOL member fee. We can offer a guide that will help you to fill out the agreement. If you plan to sign with the Swedish PEPPOL Authority, DIGG, they have a great guide (in Swedish) available.
      2. You should start to prepare to handle the envelope needed when you send and receive PEPPOL files. Current versions of the mandatory PEPPOL BIS message types can be found here. There are also sets of national PEPPOL documens such as the ones commonly used in Norway and in The Netherlands.
      3. Next, you should request your AP certificate. We will do the footwork for you if you can provide Annex 1 along with a company registration letter from a public authority in your country. When you receive an e-mail and an SMS from OpenPEPPOL, please pass it on to us so we can enroll for your production Access Point certificate. We advise that you let us do it since it is part of our implementation process which is really lean and swift. If you already have an AP certificate, please have a look at question number 2 below for the procedure.
      4. We are now busy setting up and configuring your Access Point instance.
      5. Ensure that you can write and delete files on the ftp account we have created for you.
      6. When we have notified you about your AP being deployed, send some test files to yourself in order to verify connectivity. This will also ensure that you can handle ACK/NACKs as well as incoming files from other PEPPOL APs.
      7. Perform the test procedure mandated by OpenPEPPOL.
      8. Test sign-off
      9. Done! You can now exchange messages with all PEPPOL Access Points.
  • 2. We have already enrolled for the Access Point certificate, what now?

    • In order for us to be able to install your Production AP certificate its hierarchy needs to look like the image below.

    • Your AP certificate has to be chained with the ROOT and CA certificates issued by OpenPEPPOL. Its CommonName would be something like PXY000123 for a v.3 prod AP cert. Please make sure that this is done before you send the certificate to us.

    • Screen shot from KeyStore Explorer.

    • Please provide a .p12 file with the complete certificate, chained as in the above picture. You can use https://send.firefox.com to transmit the certificate securely to us.

    • Make sure to tick the box “require a password to download this file“. Send the password on a separate channel (i.e via SMS) to us.It is strongly advised that we take care of the certificate enrolment process for you as stated in the previous question in this FAQ. Send us the 4 digit SMS passcode and our engineers will help out.For further details, please visit FAQ question number 1, bullet number 3.

  • 3. What is an SMP? Do we need one?

    • An SMP (service metadata publisher) publishes the receiving capability of a PEPPOL receiver – also known as a PEPPOL participant. Unless a PEPPOL receiver is registered in an SMP no one can send any documents to it.

    • Parties that only send are not necessarily registered in an SMP.

    • We host an SMP service that is widely used throughout PEPPOL by organizations and service providers, on behalf of their clients, that want to be reachable in PEPPOL.The SMP of Galaxy Gateway can be used free of charge for non-production scenarios. Visit the terms of use for the fine print details.

    • Please be reminded that the SMP interacts with the SML only and not the SMK (the SML test environment). If sending PEPPOL Access Point (corner 2) use a pilot certificate this SMP can’t be used. Sign up for a free SMP account and look for yourself!

  • 4. How are PEPPOL receivers identified?

    • A PEPPOL receiver needs to be registered in an SMP. It is identified using a combination of any of the ISO6523 identifiers available and the corresponding identifier value.

    • The syntax of the ReceiverID looks like this for a Swedish organization number: 0007:5567212047. The corresponding GLN identifier for that organization number is 0088:7365567212048 and Swedish VAT  identifier would be 9955:SE556721204701. You put the ReceiverID in line 12 in the SBDH envelope. Please go here for a current ISO 6523 code list used in PEPPOL.

  • 5. Which message types can be used in PEPPOL?

    • There are more than 100 message types approved by PEPPOL authorities and allowed to be exchanged in the network. For a complete list of documents, please go here. The mandatory PEPPOL BIS messages can be found here. There are also regional PEPPOL documents used in Norway and in The Netherlands.

  • 6. How do we wrap PEPPOL files using the required SBDH envelope?

    • The SBDH envelope is an XML structure in which the message payload is wrapped. Please learn more about it.

  • 7. We received a NACK (negative acknowledgment). What now?

    • If you are still in the test phase the most likely reason is that you sent non-conformant data in the envelope. The error description in the RCTP file will help you to amend it and re-send your file. If you did not receive a RCTP file we were unable to parse the SBDH. Please verify that it is a valid xml file with all mandatory elements. Check the /to-peppol/tmp folder for files with filename prefix val_. If such a file can be found, your file was either not well formed or had a fatal SBDH error. Ensure that the SBDH is complete and correct by using any of the online XML Validators available. Resubmit the file.If you are in production with your PEPPOL Access Point you should check if the receiving Access Point is online or not – please use the PEPPOL AP Monitor. To find out which AP a receiver use, just perform a Participant Lookup. Depending on the error code(s) you received in the NACK, you should take appropriate action. For a full list of error codes and recommended actions, go here.

  • 8. We received an ACK (positive acknowledgement) but the file did not reach the receiver. What should we do?

    • If you receive ACK (code 200) you can be certain that the file was successfully delivered to the next PEPPOL Access Point. If that file did not reach the end receiver, the receiving Access Point has to be notified. Use the RecipientIdentifier to find the receiver’s PEPPOL Access Point contact details by doing a Participant Lookup. See next question for more details.

  • 9. How can I find the helpdesk contact details to a PEPPOL Access Point?

    • To find the helpdesk contact details to any PEPPOL Access Point, just perform a Participant Lookup using the identifier of the receiver. You can find the receiver identifier in the file you sent. It should look something like ‘0007:5567212047‘.

  • 10. How do I find out which Access Point a PEPPOL receiver use?

    • You can easily find out which Access Point (AP) a PEPPOL receiver uses. Just perform a Participant Lookup using the identifier of the receiver to find the contact details of the receiver’s AP. You need to know the ISO 6523 code and the receiver’s identifier.

  • 11. What do all the PEPPOL buzzwords mean?

    • PEPPOL DictionaryAS2 = Applicability Statement 2 – a protocol for secure and reliable data transport over the internet. AS2 replaced START on  Sep 1st 2014 as the mandatory transport protocol between PEPPOL Access Points.

    • Access Point (AP) = Exchanges documents with other APs. An AP is typically operated by a service provider. A technical term for Access Point is ‘endpoint’.

    • BIS = The PEPPOL adaptation of a CEN BII specification. BIS is a abbrevation of “Business Interoperability Specification“. The specs are available here.

    • EHF = Elektronisk Handelsformat (Electronic trade format). This is the most commonly used e-invoice standard in Norway. It is a slightly modified CEN BII/PEPPOL BIS invoice. Here you can find its implementation guide. Please refer to Annex 5, page 4, for additional information.

    • Four corner model = The architecture of PEPPOL supports a scenario where the sender of a file (Corner 1 or C1) transmits a file to its service provider (C2) that operates an Access Point. C2 forwards it to the service provider of the receiver (C3). Finally, the file is transmitted to the end receiver of the file (C4). C2 operates on behalf of C1. C3 operates on behalf of C4.

    • ISO 6523 = Codes for identifying organizations and parts thereof. A list of identifiers currently used in PEPPOL is available at https://www.galaxygw.com/iso6523. Also please refer to  http://en.wikipedia.org/wiki/ISO/IEC_6523 and http://www.cyber-identity.com/download/ICD-list.pdf for more information.

    • Participant = The end receiver of a PEPPOL transaction. In the four corner model it is called Corner 4. A participant needs to be registered in an SMP so that its receiving capability becomes known to the sending Access Point.

    • SMK = Service Metadata Locator for test scenarios. The SMK is used only for exchanging files between PEPPOL Access Points that have pilot certificates.  Participants can be added to the SMK only by SMPs that support updating the SMK.

    • SML = Service Metadata Locator. The SML is a DNS storing the CNAMEs for all SMP’s and the URL to the SMP in which a certain participant resides. A change in the SML can take some time to propagate to the user doing a lookup depending on various DNS caches (and their TTL values) between you and the SML.

    • SMP = Service Metadata Publisher.  An SMP is a registry that stores receivers’ metadata such as their PEPPOL Identifier(s), document type receiving capabilities and which access point(s) they use to receive each document type

    • START = Secure Trusted asynchronous Reliable Transport – the PEPPOL Transport Protocol for exchanging messages between Access Points. The START protocol was deprecated in PEPPOL on Sep 1st2014 and replaced by AS2.