General & Technical
-
Tips for Suppliers Updating SSL Web Certificates
Overview
From time to time you (the supplier) may notify Unimarket or your customers that you are updating an expiring SSL certificate used by your punchout (roundtrip) or order integration. Please note that certificates do not need to be manually shared with Unimarket if your server is configured correctly because intermediate web certificates are dynamically served, removing the need for manual configuration.
If you experience problems, then we have outlined a common issue below, together with a testing tool.
Common Supplier Configuration Issue
A common supplier configuration problem can occur when deploying a server with a valid certificate, but without all the necessary intermediate certificates installed. An invalid certificate chain effectively renders the server certificate invalid and results in browser warnings. This problem is often difficult to diagnose because some web browsers can reconstruct incomplete chains and some cannot. All browsers tend to cache and reuse intermediate certificates which also leads to issues.
To avoid this situation, we suggest that you use all the certificates provided by your Certificate Authority (CA).
You can check your configuration by visiting SSL labs tool here: https://globalsign.ssllabs.com/analyze.html. This tool checks many aspects of an SSL configuration and assigns the configuration an overall score. The report produced by SSL labs has many useful details and we recommend you aim for a B or higher rating. The key section is titled 'Additional Certificates (if supplied)'. If the ssllabs tool identifies any issues with the certificate chain, Unimarket will not perform manual configuration to work around such misconfigurations. However, if SSLlabs reports there are no configuration issues and the SSL is still not working and impacting connectivity, please contact us at support@unimarket.com.
-
Common cXML Elements
Overview
The following section outlines how Unimarket uses common cXML elements such as Header and Address elements which are common across Purchase Orders, Invoices and other cXML integration points.
This documentation should be read in conjunction with the technical documentation relating to the specific cXML integration point being implemented.
cXML Address elements
Please refer to Community Help > Community Management for information on how locations/addresses can be setup in Unimarket. Below is an example cXML Address element used in a 'ShipTo' element.
Current format
<Address addressID="testcode" isoCountryCode="NZ">
<Name xml:lang="en">Anne Arundel</Name>
<PostalAddress name="default">
<DeliverTo>Amy Demo</DeliverTo>
<Street>testline1</Street>
<Street>testline2</Street>
<Street>testline3</Street>
<City>auckland</City>
<State>Auckland</State>
<PostalCode>1000</PostalCode>
<Country isoCountryCode="NZ">New Zealand</Country>
</PostalAddress>
</Address>The cXML fields map to Unimarket fields as follows:
cXML Field
Example
Unimarket Location Code
Mandatory
<Address addressID>
testcode
Location Code
N
<Name>
Anne Arundel
Organisation or Community name
N
<DeliverTo>
Amy Demo
Buyer name
N
<Street>
testline1
Location Address Line1
Y
<Street>
testline2
Location Address Line2
N
<Street>
testline3
Location Address Line3
N
<City>
auckland
Location City
Y
<State>
Auckland
Location State or Region
N
<PostalCode>
1000
Location Zip code
N
<Country>
New Zealand
Location Country
Y
<Country isoCountryCode>
NZ
Country Code
Y
-
Firewall Requirements
Overview
Outlined below are the firewall requirements for setting up the Unimarket Connector.
The * in the URL refers to the customer's specific domain on Unimarket e.g. https://customername.unimarket.com
DEMO / TEST
URL
Inbound IP addresses (traffic from Unimarket to Customer)
35.224.103.99
Inbound Ports (traffic from Unimarket to Customer)
http: 9080
https: 9443 (recommended)
Outbound IP address (traffic to Unimarket from Customer)
35.227.211.230
Outbound Ports (traffic to Unimarket from Customer)
http: 80
https: 443 (recommended)
SSL Cert
URL (for integration points - payments, users & approval hierarchy)
(Outbound traffic only)
api.unimarket-demo.com
Outbound IP address (traffic to Unimarket from Customer)
35.190.82.104
Outbound Port (traffic to Unimarket from Customer)
443 (only)
US Production
URL
Inbound IP addresses (traffic from Unimarket to Customer)
35.224.36.200
Inbound Ports (traffic from Unimarket to Customer)
http: 8080
https: 8443 (recommended)
Outbound IP address (traffic to Unimarket from Customer)
35.227.207.217
Outbound Ports (traffic to Unimarket from Customer)
http: 80
https: 443 (recommended)
SSL Cert
NZ Production
URL
Inbound IP addresses (traffic from Unimarket to Customer)
35.197.168.186
Inbound Ports (traffic from Unimarket to Customer)
http: 8080
https: 8443 (recommended)
Outbound IP address (traffic to Unimarket from Customer)
35.227.246.185
Outbound Ports (traffic to Unimarket from Customer)
http: 80
https: 443 (recommended)
SSL Cert
AU Production
URL
Inbound IP addresses (traffic from Unimarket to Customer)
35.197.165.198
Inbound Ports (traffic from Unimarket to Customer)
http: 8080
https: 8443 (recommended)
Outbound IP address (traffic to Unimarket from Customer)
35.227.235.35
Outbound Ports (traffic to Unimarket from Customer)
http: 80
https: 443 (recommended)
SSL Cert