LS-Peppol Specifications
LS-Peppol is a small, fast, efficient, and feature-rich ebMS3/AS4 server designed for business software applications needing an easy way to directly send and receive documents on the Peppol network.
Overview
It has been custom-built to be easy to install, manage and run, so that you can be your own certified Peppol Service Provider, and effortlessly exchange documents on the Peppol network.
Packed inside a tiny (4 MB) executable, LS-Peppol provides a powerful, all-in-one Peppol server which seamlessly integrates both an ebMS3/AS4 Access Point (AP) and a Service Metadata Publisher (SMP).
Applications can easily send/receive Peppol documents and manage the LS-Peppol server using the simple-to-use companion LS-Peppol client (LS-B2B).
LS-Peppol has many advanced features including strong security, server management, certificate provisioning, recipient discovery, multi-level authorisation, statistics, and conformance to all the Peppol and related international standards.
Architecture
All aspects of being on the Peppol network are supported including:
Messaging - AS4 (push, pull), lookups (SMP, SML), provisioning (SMP, SML, Peppol Directory), etc.
Operations - logging, notifications, security, certificate renewal, etc.
Management - statistics, provisioning, auditing, etc.
Notably, LS-Peppol seamlessly integrates all required servers and clients into a single executable:
6 inbuilt servers – gateway, SMP, lookup, certificate, provisioning, and console.
9 inbuilt clients – AS4, SML, SMP, register, credentials, licence, audit, email, and database.
Features
Business Features
Fast, secure, ebMS3/AS4 messaging server
Easy to configure, monitor and manage
Standards compliant including Peppol.
Peppol Features
Automated synchronisation with SML and Peppol Directory
Automated sender registration (optional)
AS4 signing and payload encryption
Integrated SMP server
Integrated SML/SMP clients (for dynamic discovery of recipients)
Multiple locators (for testing).
Security Features
Message signing (e.g. AS4 receipts, SMP responses)
Digital signature checking including certificate chain verification
Delegated administration with strong authentication and authorisation
TLS on all connections (v1.2/v1.3 with TLS SNI extension).
Management Features
Automated server credential provisioning and renewal
Automated client certificate issuance
Support for manager (credentialed) and hub (managed) parties
Database for authorisation, statistics, and reporting
Web-based console for monitoring and control
Notifications of alarms and alerts to an email address.
Operational Features
Simple XML configuration file
Simple to install – requires no special privileges or OS packages (other than the database)
Fast and efficient - with exceptionally low memory and CPU requirements
Minimal footprint - just consisting of a single small executable and a few other files
Ability to listen on multiple ports and auto-detect TLS
Tracing and logging with options for rotating daily logs and using Syslog.
Specifications
Size
5 MB (GZIP)
4 MB
20 MB (plus space for spool area and log files)
Performance
< 2 seconds
Near wire speed (mostly limited by remote server)
< 1% under load on any modern computer
System Requirements
Any modern server system
Linux glibc 2.17 or later (64-bit)
MariaDB-Server
Protocols and Security
HTTP (1.1), HTTPS, TLS (1.2, 1.3), TLS Extensions (SNI), Mutual TLS (MTLS), Proxy, UDP, DNS, REST, AS4 (ebMS3), SOAP, WS-Security, ACME (Let’s Encrypt), SMP (Oasis), BDXL (Oasis)
XML, SBDH, MIME, JSON, X.509 (certificates), PKCS#7 (CMS, certificates), PKCS#8 (private key), PKCS#10 (CSR), JWS (signatures), JWK (keys)
RSA (public key), AES (symmetric key), PKCS#1 (signing), LZW (GZip)
PEM (TLS, AP, SMP)
Open-Source Components (embedded)
Licensed under OpenSSL License
Licensed under Zlib License
Licenced under LGPL