Frequently Asked Questions

Below you will find answers to the most commonly asked questions about becoming a provider of a PEPPOL Access Point (AP) or an SMP (service metadata publisher). If you require an SMP only, go ahead an sign up for a free trial SMP account to find out how easy it is.

Do you have questions that are not listed below? Please get in contact with us.

Why would we even consider having a Peppol Access Point (AP)?

The possibility to reach many thousands of already connected business entities across Europe. As of January 2020 almost 400.000 organizations globally can receive electronic business documents through the Peppol network.

By having your own Peppol Access Point you don’t need to worry about establishing roaming agreements with other AP service providers. This is already taken care of by you (and them) signing the Transport Infrastructure Agreement which prohibits AP providers to charge for business documents exchanged with other APs. AP service providers are only allowed to charge their own customers, not other APs.

How do we get our own Peppol Access Point?

Get in touch with us so we can talk about your requirements. When we have a signed contract the setup of your Peppol Access Point and SMP can begin. If you want the SMP service only, you don’t have to sign an agreement with Peppol and the actions listed below don’t apply.

The mandatory testing and approval process for new Peppol Access Points is completely taken care of by us.

In general the process looks like this for you when signing up for the Access Point service with us:

Join OpenPeppol, sign the Transport Infrastructure agreement (TIA) with a Peppol authority and pay the OpenPeppol member fee. We can offer a guide that will help you to fill out the agreement. If you plan to sign with the Swedish Peppol Authority, DIGG, they have a great guide (in Swedish) available.
You should start to prepare to understand and process ACK/NACKs as well as the envelope needed when you exchange documents with Peppol. Current versions of the mandatory Peppol BIS message types can be found here. There are also sets of national Peppol documents such as the ones listed below:
We will request your Test AP certificate. Please provide your most recent Annex 1 along with a company registration document from a public authority in your country. When you receive an e-mail and an SMS passcode from Peppol, please pass them on to us so we can enroll for your certificate. We advise that you let us do it since it is part of our implementation process which is really lean and swift. If you already have an AP certificate, please follow this procedure to share it with us.
We are now busy setting up and configuring your Access Point instance and preparing it for Peppol Testbed accreditation.
Ensure that you can perform write and delete actions on the ftp account we have created for you.
We will perform the Peppol Testbed rounds and upload the pdf test report to Peppol’s Helpdesk as well as a request for you Production AP certificate. which will render another e-mail and SMS passcode from Peppol to you. Pass them on to us without taking any further action.
When we have notified you about your Production AP being deployed, you should follow this procedure to verify the setup. It will ensure that you can handle ACK/NACKs as well as incoming files from other Peppol APs.
Done! You can now exchange messages with all Peppol Access Points.

We have already enrolled for the Access Point certificate, what now?

If you already have a non expired AP certificate that we can use when deploying your Access Point you should to provide the private-key-pair unchained in PKCS#12 format as it is when you export it from the browser, in a PKCS#12 as a .p12 file.

Use the below means of communication to share the certificate with us. If you use another way to send your certificate we take no responsibility for the protection of its integrity.

SFTP

Upload your AP certificate to your SFTP account on ftp.galaxygw.com and let us know.
Send the keystore password on another channel. i.e via SMS/Whatsapp, to us.

It is strongly advised that we take care of the certificate enrolment process for you as stated in the previous question in this FAQ.

For further details, please visit FAQ question number 1, bullet number 3.

Our Access Point certificate is about to expire. What are the next steps?

Your AP certificate has to be renewed every 24 months. If the certificate expires it will make your AP non-interoperable with other APs so we are happy to help out to make the renewal process as smooth as possible for you.

Here is the complete process outlined:

We will notify you about your AP certificate expiry well in advance of the expiration date
We will ask you to provide a fresh Annex1 to us since the e-mail address and mobile phone in section 4.6 will be used for the below enrollment step (see bullet no. 5 and 6 below)
We would like to know if you have Peppol participants in other SMPs than Galaxy Gateway SMP.
We will initiate the certificate request process through Peppol’s Helpdesk
You will receive an enrollment e-mail from Enterprise PKI Team <noreply@digicert.com> and an SMS passcode from Peppol related to the certificate. Please forward both to us. Use a separate channel for the SMS passcode, such as SMS or Whatsapp.
We will enroll for your certificate.
We will update the certificate in your AP instance and in Galaxy Gateway SMP.
We will send the public key of the AP certificate to you
You will have to update other SMPs in which you have Peppol participants, using the public key you received in the previous step.

The process takes about 2-4 hours for us to complete and we will charge for our hours.

What is an SMP? Do we need one?

An SMP (service metadata publisher) publishes the receiving capability of a Peppol receiver – also known as a Peppol participant. Unless a Peppol receiver is registered in an SMP no one can send any documents to it. The receiver also has to be published to the SML (service metadata locator), which is done by dragging the slider “Publish in SML” in the SMP of Galaxy Gateway when creating the participant.

Parties that only send are not necessarily registered in an SMP.

We host an SMP service that is widely used throughout Peppol by organizations and service providers, on behalf of their clients, that want to be reachable in Peppol. The SMP of Galaxy Gateway can be used free of charge for non-production scenarios. Visit the terms of use for the fine print details. Sign up for a free SMP account and look for yourself!

Please be reminded that the SMP interacts with the SML only and not the SMK (the SML test environment). If sending Peppol Access Point (corner 2) use a Test certificate this SMP can’t be used. If you want to use an SMP that supports the SMK you should use the Test SMP on https://testwww.galaxygateway.eu.

How are Peppol receivers identified?

A Peppol receiver needs to be registered in an SMP and it can only be registered in one (1) SMP. It is identified using a combination of any of the ISO6523 identifiers available and the corresponding identifier value. If you can’t perform a Participant Lookup for the receiver, you are using an incorrect ParticipantID. Here’s a sample lookup: https://my.galaxygw.com/participantlookup#/0007/5567212047

The syntax of the ReceiverID looks like this for a Swedish organization number: 0007:5567212047. The corresponding GLN identifier for that organization number is 0088:7365567212048. You should put the ReceiverID in line 12 in the SBDH envelope. Please go here for a current ISO 6523 code list used in Peppol.

Which message types can be used in Peppol?

There are more than 50 document types approved by Peppol authorities. allowed to be exchanged in the Peppol eDelivery network.

For a complete list of documents, please go here. The mandatory Peppol BIS messages can be found here. There are also regional Peppol documents used in Norway and in The Netherlands.

How do we wrap Peppol files using the required SBDH envelope?

The SBDH envelope is an XML structure in which the business document (message payload) is wrapped. Please learn more about it.

We received a NACK (negative acknowledgment). What now?

If you are still in the test phase the most likely reason is that you sent non-conformant data in the envelope.

The error description in the RCPT file will help you to amend it and re-send your file. Please verify that it is a valid xml file with all mandatory elements. If you received a high-level validation warning/error in the RCPT, the business document was not fully compliant with the schematron rules for that document type.

That folder should normally be empty but if such a file can be found, your file was either not well formed or had a fatal SBDH error. Ensure that the SBDH is complete and correct by using any of the online XML Validators available. Resubmit the file.

If you are in production with your Peppol Access Point you should check if the receiving Access Point is online or not – please use the Peppol AP Monitor. To find out which AP a receiver use, just perform a Participant Lookup. Depending on the error code(s) you received in the NACK, you should take appropriate action.

For a full list of error codes and recommended actions, go here.

We received an ACK (positive acknowledgement) but the file did not reach the receiver. What should we do?

If you receive an ACK (code 200) you can be certain that the file was successfully delivered to the next Peppol Access Point.

If that file did not reach the end receiver, the receiving Access Point has to be notified.

Use the RecipientIdentifier to find the receiver’s Peppol Access Point contact details by doing a Participant Lookup. See next question for more details.

How can I find the helpdesk contact details to a Peppol Access Point?

To find the helpdesk contact details to the receiver’s Peppol Access Point or SMP, just perform a Participant Lookup using the identifier of the receiver.

You can find the receiver identifier in the file you sent, refer to line 9 in the SBDH sample on https://www.galaxygw.com/support/payload-envelope.

The ReceiverID should look something like ‘0007:5567212047‘.

To find out in which SMP the receiver is registered, click the below picture.

How do I find out in which SMP a participant is registered or which Access Point a Peppol receiver use?

You can easily find out in which SMP a participant is registered and which Access Point (AP) it uses to receive. Just perform a Participant Lookup using the identifier of the receiver to find the contact details of the receiver’s AP. You need to the receiver’s Peppol ID, which includes the ISO 6523 code.

What do we need to do to prepare for the AS4 migration?

If you are using the Access Point service of ours, the short answer is: You need to provide two documents so that we can initiate that AS4 onboarding test procedure.

Peppol Annex1 (download from https://openpeppol.atlassian.net/wiki/spaces/Public/pages/142376989/Annex+1+Templates+-+by+PEPPOL+Authority)
Company registration document from a Governmental Authority in your country. It has to be newer than 6 months.

Please review your Annex1 for any recent changes. Pay special attention to section 4.6; Make sure to enter a valid e-mail address and a mobile phone number, including your country code so that we can enroll for your test certificate.

Once you receive an e-mail and SMS passcode, just forward everything to us and we will take care of the procedure of enrolling for your Test AP certificate.

No other action is required on your end for your AP to continue to comply with the Peppol specification. We will make sure that your AP can exchange files using AS4 no later than February 1st 2020 when AS4 becomes the mandatory AP-to-AP transport protocol.

Background

As you may know, the AP-to-AP transport protocol will change from AS2 to AS4 on Feb 1 2020. Visit https://peppol.eu/support-for-the-peppol-as4-profile-mandatory-in-the-peppol-edelivery-network-from-1-february-2020 to read the details.Our engineers are currently preparing for the AS4 migration. In order for your AP to be allowed to continue its operation after that date it is required that it undergoes the AS4 Testbed compliance test procedure.The complete procedure on our end includes the following activities:

We create a test AP certificate request on Peppol’s helpdesk
We enroll for your test AP cert once you have forwarded the e-mail and SMS passcode to us
We create and deploy your Test AP instance
We deploy your Test Cert in your test AP
We perform and complete the AS4 test runs in the Peppol Testbed
We file the testbed report on Peppol’s Helpdesk
We manage the Peppol Authority approval
We deploy AS4 capability in your Production AP
We create an AS4 AP config in Galaxy Gateway SMP (if you use it) so that you can receive with AS4 from other APs

AS4 becomes mandatory in Peppol – what does this mean for us as a Galaxy Gateway Access Point?

Page created: 2020-01-09

Page updated: 2020-01-22 (removal of element RelayOperatorId)

Page updated: 2020-01-29 (added a segment about how to finish your AS4 AP onboarding)

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Update January 29

This is the last detail we need your help with so that you can begin to receive with AS4 to your Access Point.

Your Access Point has been updated and now supports AS4 for AP-to-AP message exchange.

This is the AS4 AP URL for you AP:

https://ap.galaxygateway.eu/server/as4

You need to paste that URL into the SMPs you are using (such as Elma). If you’re using Galaxy Gateway SMP we will update the information for you.

A top priority is interoperability with other APs. Your AP will therefore continue to be able to send and receive with AS2. It is very likely that other APs will continue to use AS2 after February 1st, which is why we have decided to continue to support AS2 for as long as it gains interoperability.

The Galaxy Gateway SMP GUI will not display the AS2 configuration even though it’s there. This will be improved in upcoming versions of the GUI.

Your AP configuration will display AS4 but in reality AS2 is still supported for receiving with your Access Point.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

AS4 Migration Background

On Feb 1st 2020, AS4 becomes the mandatory AP-to-AP transport protocol for message exchange. This is a major change and OpenPeppol is therefore requiring all Access Points to go through the Peppol AS4 Testbed accreditation procedure – which is why we initiated the Test AP Certificate request process with you already in October.

We will take your AP through the AS4 test procedure shortly but in order to do so you need to know a few things.

AS2 will still be used as an optional transport protocol in Peppol after Feb 1st. When the number of exchanged transactions in the network is less than 20% there will be a decision on deprecation date for AS2.

Your AP will support AS2 for as long as it is allowed to be used.

Summary

Your AP will soon be updated. No downtime is expected. Your AP will able to exchange documents with other APs during the migration process.
- Enables support for AS4
- New error codes will be returned to you, see below for details
- We will perform stricter validation of the documents you send to Peppol, see below for details.
You will get two (2) new AP URLs – one for AS2 and one for AS4. If you have Peppol participants registered in:
- Galaxy Gateway SMP
  - we will update both AP URLs for you, unless you want to do it yourself. The new AS2 URL can be found below but must not be used until we have updated your AP.
- Other SMPs
  - You will receive the AS4 AP URL from us after Peppol AS4 Testbed approval so you can add it to other SMPs.

Actions expected from you

Are you using the AP error codes we send back to you when a file to Peppol fails? If yes; visit Cloud AP error codes to find the current ones.
Verify that you send valid files to Peppol – they have to pass schematron validation.
- Contact us if you want us to temporarily enable the Validator add-on service so that you receive detailed validation errors.
Let us know if you want to update the AS2 AP URL in Galaxy Gateway SMP yourself. If you don’t ask us to do so we will will update it for you as part of this migration.
- The new AS2 URL is https://ap.galaxygateway.eu/server/as2 (you must not enter it in any SMP until we have notified you about your AP being updated)
Let us know if you want to create your AS4 AP configuration in Galaxy Gateway SMP yourself. If you don’t ask us to do so we will will create it for you as part of this migration.
Let us know if you want to associate your existing participants with your AS4 AP in Galaxy Gateway SMP yourself. If you don’t ask us to do so we will will script it for you as part of this migration.
Let us know if you have participants in other Peppol SMPs (such as in Norwegian Elma) so that we can provide the new AS2 AP URL (https://ap.galaxygateway.eu/server/as2) and AS4 AP URLs.
Are you using SBDH as envelope type? If yes; we have removed the element RelayOperatorId since it is no longer needed. This makes the required SBDH to align with the Peppol specification of the SBDH.

Detailed information

As part of preparing your Access Point for AS4 we will upgrade your AP instance. We will let you know before we start the upgrade and we will keep you posted about the progress.

Stricter validation

The Peppol network is growing rapidly and OpenPeppol has started to focus on the quality of the documents exchanged. A stricter document validation will therefore be deployed in your upgraded AP instance of your files to Peppol. You will get a high-level error message if a file contains errors. We can enable detailed errors as part of the Validation add-on service. Let us know if you want to try it out.

To ensure a smooth migration we recommend you to verify the validity of your sent documents before the migration.

You can verify your files automatically using the Validation add-on service we offer or manually using any of the free online options such as

What will change for you when upgrading your AP instance are the following things:

AS2 and AS4 endpoint URLs

You will get a new AS2 AP URL. If you have registered receivers in other SMPs (such as Elma in Norway or elsewhere), let us know and we will provide the updated AS2 Access Point URL so that you can sync the update in other SMP(s) with the switch on our side.
You will get a new AS4 AP URL. It will be provided to you after we completed the AS4 test procedure for your AP.

AP error codes

We have replaced all error codes with new, more detailed ones. Please visit https://www.galaxygw.com/support/error-codes for more information.
You can choose to keep the legacy error codes but we recommend using the new ones since they are more granular and precise – which should make troubleshooting on your end a lot smoother. If you still would like to continue to use the legacy error codes you need to let us know about it.

Document validation

Your files to Peppol will be validated before they are forwarded to the Peppol network. Visit https://www.galaxygw.com/support/peppol-validator to find the complete list of documents the validation engine supports. If you send documents that are not listed, no validation will be performed.
There will be a stricter validation of the SBDH envelope to ensure compliance with what is outlined on https://www.galaxygw.com/support/payload-envelope.
If your file contains validation errors we will respond with a NACK with a high-level error message. If you have the validation service enabled will find a more detailed validation error message in the NACK. If you like to evaluate the validation service with full error messages, just let us know.

Everything else remains the same for you in terms of how you integrate with us, such as your sftp credentials. There will be no downtime when migrating your AP – you will be able to exchange files with other APs without interruption.

What do all the Peppol buzzwords mean?

Peppol Dictionary

AS2 Applicability Statement 2 – a protocol for secure and reliable data transport over the internet. AS2 replaced START on Sep 1^st 2014 as the mandatory transport protocol between Peppol Access Points. From Feb 1^st AS2 will be an optional transport protocol in Peppol.

AS4=Applicability Statement 4 – a protocol for secure and reliable web service based data transport over the internet. AS4 replaced AS2 on Feb 1^st 2020 as the mandatory transport protocol between Peppol Access Points.

Access Point (AP) = Exchanges documents with other APs. An AP is typically operated by a service provider. A technical term for Access Point is ‘endpoint’.

BIS = The Peppol implementation of a CEN BII specification. BIS is a abbrevation of “Business Interoperability Specification“. The documentation can be found here.

EHF = Elektronisk Handelsformat (Electronic trade format). This is the most commonly used e-invoice standard in Norway. It is a slightly modified CEN BII/Peppol BIS invoice. Here you can find its implementation guide. Please refer to Annex 5, page 4, for additional information.

Four corner model = The architecture of Peppol supports a setup where the sender of a file (Corner 1 or C1) transmits a file to its service provider (C2) that operating an Access Point. C2 forwards it to the C3, the service provider of the receiver. Finally, the file is transmitted to the end receiver of the file (C4). C2 operates on behalf of C1. C3 operates on behalf of C4.

ISO 6523 = Codes for identifying organizations and parts thereof. A list of identifiers currently used in PEPPOL is available at https://www.galaxygw.com/iso6523. Also please refer to http://en.wikipedia.org/wiki/ISO/IEC_6523 and http://www.cyber-identity.com/download/ICD-list.pdf for more information.

Participant = The end receiver of a Peppol transaction. In the four corner model it is called Corner 4. A participant needs to be registered in an SMP so that its receiving capability becomes known to the sending Access Point.

SMK = Service Metadata Locator for test scenarios. The SMK is used only for exchanging files between Peppol Access Points that have pilot certificates. Participants can be added to the SMK only by SMPs that support updating the SMK.

SML = Service Metadata Locator. The SML is a DNS storing the CNAMEs for all SMP’s and the URL to the SMP in which a certain participant resides. A change in the SML can take some time to propagate to the user doing a lookup depending on various DNS caches (and their TTL values) between you and the SML.

SMP = Service Metadata Publisher. An SMP is a registry that stores receivers’ metadata such as their Peppol Identifier(s), document type receiving capabilities and which access point(s) they use to receive each document type

START = Secure Trusted asynchronous Reliable Transport – the Peppol Transport Protocol for exchanging messages between Access Points. The START protocol was discontinued in Peppol on Sep 1^st2014 and replaced by AS2.

How can a participant use different APs to receive?

Peppol supports the scenario where a participant can use different APs for receiving.

Assume that the participant wants to

use AP1 to receive invoices
use you (AP2) to receive orders

AP1 is the Access Point that first registered the participant in an SMP and as you know, a Peppol participant can only be registered in one (1) SMP.

Here’s how to do it if you discover that the participant you try to register in Galaxy Gateway SMP has already been registered by someone else, AP1.

AP2 (you) have to share your AP configuration (as as shown in the screen shot) with AP1.

AP2 can find the necessary information by following these steps:

Login to https://my.galaxygw.com
Click “Access Points”
Click your AP and “Edit”
Copy the following values

Access point Name
Contact e-mail
Access point endpoint URL
Endpoint Information URL
Certificate (save it in a separate .txt file)

5. AP2 should send all the above information to AP1 so they can add AP2’s configuration to their SMP account. Here’s how to find the contact details to AP1.

AP1 can now use that data to create AP2’s configuration in the SMP and associate AP2’s document types to the participant.

Your Access Point instance is deployed, what now?

Congrats! We have set up your Peppol Access Point instance and you are now able to use it for message exchange with other APs. Here is what you should do to verify that it works as expected.

Sign in to your SMP user account on https://my.galaxygw.com. If you have not logged in before you should perform a password reset by clicking “Forgot password?”.
Verify that your AP configuration looks correct. Click “Access Points” and check the configuration details we have created for you.
Click “Participants” and verify that it looks correct.
Sign in to your ftp account with your credentials you have received from us.
Move the DLVY file from the folder ‘from-peppol’ to the folder ‘to-peppol’.
Wait a minute and you will receive 2 files in the ‘from-peppol’ folder.
All set. You are now ready to go!

Please refer to https://www.galaxygw.com/support/integration-test to get all the details about the steps listed above.

We also recommend that you have a look at both https://www.galaxygw.com/support/communication and https://www.galaxygw.com/support/receipts-ack-nack.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.