dig cert 1.1 - installation guide

OpenText – Digitalización Certificada de Facturas

AEAT V 1.1

INSTALLATION GUIDE

OpenText – Installation Guide – Dig Certifcada v.1. 1 _____________________________________________________________________________

Table of content 0. Prerrequisites ........................................................................................................................ 4

1. Stop Archive Spawner ........................................................................................................... 5

2. Copy library files .................................................................................................................... 5

3. Copy Servtab files .................................................................................................................. 5

4. Copy Dpconfig files ............................................................................................................... 6

5. Copy Monitor file .................................................................................................................. 6

6. Copy PERL script .................................................................................................................... 7

7. Merge Registry file ................................................................................................................ 7

8. Copy *.pfx file (only for test purposes) ................................................................................. 7

9. Enrypt Certificate pwd (not necessary for test.pfx) .............................................................. 9

10. Install Searchable PDF DocTool 11.0.msi .......................................................................... 9

11. Restart spawner ................................................................................................................ 9

12. Configure Archive Mode in Archive Server Administration .............................................. 9

13. Create RFC function module ........................................................................................... 12

14. Config. ES profile ............................................................................................................. 12

15. Importing SAP transport request .................................................................................... 18

16. Using Barcode.................................................................................................................. 18

17. Customizing of SAP Workflow ........................................................................................ 19

17.1 Customizing of Logical archives .................................................................................. 19

17.2 Customizing of Archivelink Document Type ............................................................... 19

17.3 Configuration of Enterprise Scan .................................................................................... 20

17.4 Configurations SAP standard one-step workflow (Late Archiving and Early Archiving) . 23


17.5 Additional configuration for Early Archiving SAP standard one-step workflow ............. 24

17.6 Configurations for a custom workflow ............................................................................ 25

18. Execution of the workItem in the SAP Business Workplace ........................................... 26

18.1 Execution of a Late Archiving Work Item in the SAP Business Workplace ................. 26

18.2 Execution of an Early Archiving Work Item in the SAP Business Workplace .............. 29


Table of figures

Ilustración 1 Configure Archive mode ........................................................................................... 9

Ilustración 2 Archive Mode details .............................................................................................. 10

Ilustración 3 Archiving conditions ............................................................................................... 11

Ilustración 4 Assign archive mode ............................................................................................... 12

Ilustración 5 configure Document Pipeline ................................................................................. 13

Ilustración 6 Set up Document Pipeline Attributes ..................................................................... 14

Ilustración 7 Document Pipeline Attributes ................................................................................ 14

Ilustración 8 Configure Document Pipeline ................................................................................ 16

Ilustración 9 configure Archive mode ......................................................................................... 16

Ilustración 10 Output Document Format .................................................................................... 17

Ilustración 11 Document Pipeline ............................................................................................... 17

Ilustración 12 Example for OAC0 configuration .......................................................................... 19



Ilustración 15 configure Document Pipeline ............................................................................... 20

Ilustración 16 configure Archive Mode ....................................................................................... 21

Ilustración 17 configure Output File Format ............................................................................... 21

Ilustración 18 configure Archiving............................................................................................... 22

Ilustración 19 configuration of Pipeline Attributes ..................................................................... 22

Ilustración 20 Example of OAWS configuration .......................................................................... 23

Ilustración 21 types of receivers of Work Items ......................................................................... 23

Ilustración 22 configure work item receiver ............................................................................... 24

Ilustración 23 Example configuration of SOA0............................................................................ 24

Ilustración 24 Example configuration for OACA .......................................................................... 24

Ilustración 25 Example for OACA configuration .......................................................................... 25

Ilustración 26 Sap Business Workplace Work Items ................................................................... 26

Ilustración 27 The archived image is shown ............................................................................... 26

Ilustración 28 assign image to document ................................................................................... 27

Ilustración 29 confirm document assignment ............................................................................ 27

Ilustración 30 view SAP document .............................................................................................. 28

Ilustración 31 open Attachment list ............................................................................................ 28

Ilustración 32 open attached image ............................................................................................ 28

Ilustración 33 display archived image ......................................................................................... 29

Ilustración 34 Sap Business Workplace Work Items ................................................................... 29

Ilustración 35 The archived image is shown ............................................................................... 30

Ilustración 36 SAP document creation ........................................................................................ 31


0. Prerrequisites There are some prerrequisites that need to be fulfilled in order to install correctly the solution

for the digital signature.

• Correct Installation of Open Text Document Pipeline version 10.1.1 on the affected

Scan workstation

• Posession of a electronic Digital signature .pfx file in PKCS #12 format provided by a

trusted entity with password

• Usage of either barcode or workflow scenarios for assignment of scanned images to

SAP documents


1. Stop Archive Spawner Stop the local Windows Service "Archive Spawner" on the scan station in the services panel in

order to be able to configure the document Pipeline for the digital signature.

2. Copy library files

Copy:

• bcprov-jdk14-138.jar

• DigSigEncrypt.jar

• iText-2.1.2u.jar

• iText-rtf-2.1.2u.jar

• iText-rups-2.1.2u.jar

• jdt2_32.jar

• jdt2_64.jar

• MetaData_iTEXT.jar

• sapjco3.dll

• sapjco3.jar

• SignDocTool_iTEXT.jar

• startWF_v2.jar

from <package>\lib

to %ECM_DOCUMENT_PIPELINE_CONF%\config\lib (create dir lib if it does not exist)

Rename jdt2_32.jar or jdt2_64.jar as jdt2.jar, depending on machine

3. Copy Servtab files

copy:

90_JDT_Digsig.servtab

90_FilterCompany.servtab


from <package>\ixos\servtab

to %ECM_DOCUMENT_PIPELINE_CONF%\config\servtab

Some parameters in the Servtab file have to be adjusted:

START_WF;once;no;;$LOG;"$ECM_DP_INFO_JAVA_HOME\bin\java.exe" -classpath

"$P\startWF_v2.jar;$P\jdt2.jar;$P\sapjco3.jar" ixos.dt.BAPI_JDT.startWF -type startWF <SAP

Client><RFC-User><RFC-user pwd><SAP Server) <SAP Server><Instance Nr.> Z_INSERT_DIGSIG

<LOGLEVEL>

RFC-User could be IXOSCPIC

e.g.:

START_WF;once;no;;$LOG;"$ECM_DP_INFO_JAVA_HOME\bin\java.exe" -classpath

"$P\startWF_v2.jar;$P\jdt2.jar;$P\sapjco3.jar" ixos.dt.BAPI_JDT.startWF -type startWF 812

rdoerge Rainer00 10.0.0.7 00 Z_INSERT_DIGSIG ALL

In productive (stable) System, the loglevel should be in ERROR

4. Copy Dpconfig files Rename original files r3sc.dpconfig and r3sc.dpinfo in

%ECM_DOCUMENT_PIPELINE_CONF%\config\dpconfig to

• r3sc.dpconfig.orig

• r3sc.dpinfo.orig

and copy the r3sc.dpconfig and r3sc.dpinfo files

from <package>\ixos\dpconfig

to %ECM_DOCUMENT_PIPELINE_CONF%\config\dpconfig

5. Copy Monitor file

rename original file r3sc.monitor in %ECM_DOCUMENT_PIPELINE_CONF%\config\monitor to

• r3sc.monitor.orig

and copy the file r3sc.monitor

from <package>\ixos\monitor

to %ECM_DOCUMENT_PIPELINE_CONF%\config\monitor


6. Copy PERL script

copy:

FilterCompany.pl

from <package>\ixos\perl

to %ECM_DOCUMENT_PIPELINE_BASE%\scripts\perl

7. Merge Registry file

If the OT Software is 32 bit Version, merge the registry file:

Firma_Digital_32_bits_10.1.1_m.reg

and adjust the settings if necessary (certificate).

If OT Software is 64 bit Version on a 64 Bit system, merge the registry file:

Firma_Digital_64_bits_10.1.1_m.reg

and adjust the settings if necessary (certificate).

(In case of doubt, please merge both files. In such case, be aware of having in mind both

paths in Registry for configuring the digital signatures and passwords:

HKEY_LOCAL_MACHINE\SOFTWARE\IXOS\IXOS_ARCHIVE\DIGSIG\CERTIFICATE and

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\IXOS\IXOS_ARCHIVE\DIGSIG\CERTIFICAT

E )

Adjust the OpenText Installation ID (provided by Open Text ) in registry key OTID in:

HKEY_LOCAL_MACHINE\SOFTWARE\IXOS\IXOS_ARCHIVE\DIGSIG

Or

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\IXOS\IXOS_ARCHIVE\DIGSIG

8. Copy *.pfx file (only for test purposes) Copy the provided pfx file test.pfx to the path specified in registry key or copy file to a suitable

location on machine and adjust the path in registry key.


For details of registry entry, see point 6.

If you have a proper certificate file, please use this instead


9. Enrypt Certificate pwd (not necessary for test.pfx)

Encrypt certificate password with the following command in command line:

java -classpath "%ECM_DOCUMENT_PIPELINE_CONF%\config\lib\DigSigEncrypt.jar"

DigSigEncrypt <certificate-pwd>

10. Install Searchable PDF DocTool 11.0.msi

Install the searchable PDF DocTool if not already installed from delivered directory

"Searchable PDF DocTool 11.0"

The installation of the Searchable PDF DocTool requires a Windows restart.

11. Restart spawner

Restart Archive spawner to activate all configuration changes

12. Configure Archive Mode in Archive Server

Administration

In Archive Administration configure Late_Archiving as Scenario for the Archive mode.

Ilustración 1 Configure Archive mode


The details of the archive mode:

Ilustración 2 Archive Mode details


No conditions are needed for Digital Signature, but can be configured if business case requires:

Ilustración 3 Archiving conditions


Assign the archive mode to the scan station.

Ilustración 4 Assign archive mode

13. Create RFC function module This RFC function module is created with a SAP transport request. The function module is

Z_DIGSIG_INSERT

14. Config. ES profile As the ES configuration can and will be different in every installation, we will explain only the

archiving subprofile.

Add the “Set Document Pipeline Attributes” and “Document Pipeline for SAP” Flows.


The Configuration in Tools� LEA Administration and Pipelines must be configured as “use

local Document Pipeline”

Ilustración 5 configure Document Pipeline


Ilustración 6 Set up Document Pipeline Attributes

It is important that the “Document Pipeline for SAP” Flow be the last one in the sequence.

Configure the “Set Document Pipeline Attributes” as follows:

Ilustración 7 Document Pipeline Attributes

<DOCTYPE> is to be replaced by the ArchiveLink doctype configured in SAP for the Workflow to

be started.

<COMPANY> is to be replaced by the company whose certificate will be used for digital

signature. This parameter is only required for Multicompany environments with several digital

Signatures. If the escenario is a Monocompany, the whole “COMPANY <COMPANY>”

parameter is not used and should be omitted.


DIGITALSIGNATURE is the flag to indicate whether the document should be signed digitally or

not. Possible values are TRUE for digital signing and FALSE for omitting digital signature.

STARTWORKFLOW is the flag to indicate whether a SAP workflow should be started or not.

Possible values are TRUE for starting the workflow and FALSE for ignoring the workflow step

(e.g. in Barcode scenario).

WORKFLOWTYPE is the flag to indicate the type of (SAP default one step) workflow that should

be started. Its possible values are EARLY (default option) or LATE. The EARLY type applies,

when an Early Archiving scenario is used and the SAP document, the digitally signed document

should be attached to, is not yet created. The LATE option is for Late Archiving scenarios, when

the SAP document already exists and the image should only be attached to this object.

If a Custom workflow should be started, the WORKFLOWTYPE option does not apply and can

be omitted.

Compile the script and go on OK.


Configure the Document Pipeline for SAP as follows:

Ilustración 8 Configure Document Pipeline

Ilustración 9 configure Archive mode


In Advanced options, it is important to choose PDF/A (image) or PDF/A (text).

Ilustración 10 Output Document Format

The Document Pipeline Info tool should show the following result (all doctools in green):

Ilustración 11 Document Pipeline


15. Importing SAP transport request In order to be able to start the one-step workflow, the following SAP transport request must

be imported into the SAP system:

• DCBK900288

• DCBK900352

• DCBK900353

• DCBK900372

16. Using Barcode You can use a barcode to link the scanned, digitally signed document to the SAP document.

The Barcode is inserted into the standard SAP barcode table by the doctool “Send message to

R/3”. Using a barcode, usually makes it obsolete starting a workflow. The default scenario for a

workflow is Late Archiving with barcode. You might consider configure the STARTWORKFLOW

parameter to FALSE in order to increase performance.


17. Customizing of SAP Workflow

There are 3 possible scenarios for SAP workflows.

The SAP standard one-step workflow for Early archiving, the SAP standard one-step workflow

for Late Archiving and a custom workflow. All these scenarios can be configured and will be

explained after the common configurations

17.1 Customizing of Logical archives

Logical archives must be set up correctly in SAP transaction OAC0 and Open Text Archive

Server.

Ilustración 12 Example for OAC0 configuration

17.2 Customizing of Archivelink Document Type

ArchiveLink document types must be configured properly in OAC2 and OAC3 Transaction.




17.3 Configuration of Enterprise Scan

In Enterprise Scan, the Document Pipeline must be configured

Ilustración 15 configure Document Pipeline


For Archive mode FirmaDigital…

Ilustración 16 configure Archive Mode

… the Output File Format PDF/A (text) or PDF/A (image) must be configured.

Ilustración 17 configure Output File Format


The Document Pipeline Attributes must be set up

Ilustración 18 configure Archiving

The following Attributes should be configured

Ilustración 19 configuration of Pipeline Attributes


17.4 Configurations SAP standard one-step workflow (Late

Archiving and Early Archiving) For a Early Archiving scenario, the following transactions

In transaction OAWS, the Default setting DSIG must be configured.

Ilustración 20 Example of OAWS configuration

In the default setting the one of the following objects must be configured as the receiver of the

work item

Ilustración 21 types of receivers of Work Items


In this example, we assign a SAP user to receive the work item.

It is important to choose the store and assign scenario (4th check box)

Ilustración 22 configure work item receiver

In transaction SOA0, the assignment of document Type and Object Type to the one-step

workflow must be done

Ilustración 23 Example configuration of SOA0

17.5 Additional configuration for Early Archiving SAP

standard one-step workflow In transaction OACA, the default transaction code for SAP document creation has to be set

up.

Ilustración 24 Example configuration for OACA


17.6 Configurations for a custom workflow

For custom workflows, the custom workflow must be configured in transaction OACA.

Ilustración 25 Example for OACA configuration

If the custom workflow needs parameter, these can be configured in the configuration of

Pipeline Attributes:

The parameters are passed in pairs

WFPARAMETERELT : Element in the workflow container. This must have exactly the same

name as defined in the workflow container, so that the mapping can be done correctly.

WFPARAMETERVAL : Value that the workflow element should receive

There must be as many pairs of WFPARAMETER… as number of parameters for workflow are

necessary.

For custom workflows, no definition of WORKFLOWTYPE (EARLY|LATE) is necessary and can be

omitted.


18. Execution of the workItem in the SAP Business

Workplace

18.1 Execution of a Late Archiving Work Item in the SAP

Business Workplace

Identify and execute by double click the desired work item in the Workflow Inbox.

Ilustración 26 Sap Business Workplace Work Items

The archived image will be shown and a Process Document Type (Assign Document) dialog will

be shown. In this dialog, click on execute.

Ilustración 27 The archived image is shown


A assign dialog for the configured Business object will be shown.

Ilustración 28 assign image to document

A short overview of the chosen document will be shown to confirm.

Ilustración 29 confirm document assignment

Then the image is assigned to the SAP document.


In order to check, the document is retrieved and the annexed original image is shown:

Ilustración 30 view SAP document

Ilustración 31 open Attachment list

Ilustración 32 open attached image


Ilustración 33 display archived image

18.2 Execution of an Early Archiving Work Item in the SAP

Business Workplace

Identify and execute by double click the desired work item in the Workflow Inbox.

Ilustración 34 Sap Business Workplace Work Items


The archived image will be shown and a Process Document Type (Assign Document) dialog will

be shown. In this dialog, click on execute.

Ilustración 35 The archived image is shown


When clicking on execute in the Process Document Type (Assign Document) dialog is clicked,

the configured transaction will be shown.

Ilustración 36 SAP document creation


ANEXO

Software and Hardware indispensable for the correct configuration of Certified Digitization:

• SAP ALL (need different transactions to generate printList, creating REPOSITORY, etc.),

so you better have everything in DES and QUA.

• Minimum space for repositories, depending on the volume, maximum 50 Gb For

repository.

SAP

• Creating repository for Digital Signature.

• Creating a Repository for PrinList, 2Gb minimum:

Protocol: IX_OLEU2 (Deputy transport order to create, regardless of the client)

OutputDevice: ARCH

Detalles de ARCH:

OutputDevice: ARCH

Short name: ARCH

Device type: ARCHLINK: SAP archivelink archive;

Spool Server: Server on which the spool server runs;

Device class: Archiving program

Host Spool Access Method: I: Archiving device

Archive Server

• Creation match SAP repository for digital signatures and printList.

• Creating repository for TIMESTAMP (ATS) and the call pool (POOL) 2Gb.

dig cert 1.1 - installation guide

Documents

sap workflow

archive spawner

archive mode

monitor file

library files

servtab files

dpconfig files

workflow late archiving