Compliance checks documentation

This page contains a list of all the tests that are performed for the compliance checks.

You can search for any error or warning from the report to find more information about the error or warning.

When you request a compliance check as an organization, you can specify for each of these whether a failed test should result in an error, a warning, or be ignored.

Contents:

• Document type not registered in Peppol Document Types Code List
• Document type has state ‘deprecated’ in Peppol Document Types Code List
• Document type has state ‘removed’ in Peppol Document Types Code List
• Support for document type, but not for its Peppol-issued equivalent
• Transport not registered in Peppol Transports Code List
• Transport has state ‘deprecated’ in the Peppol Transport Profiles Code List
• Transport has state ‘removed’ in the Peppol Transport Profiles Code List
• Duplicate transport for process and document type
• Process not registered in Peppol Process Code List
• Process has state ‘deprecated’ in Peppol Code List
• Process has state ‘removed’ in Peppol Code List
• Access Point certificate could not be parsed
• Access Point certificate has expired
• Access Point certificate has been revoked
• Non-Peppol Access Point certificate
• Peppol Test certificate used in production
• SMP certificate could not be parsed
• SMP certificate has been revoked
• Non-Peppol SMP certificate
• Peppol Test SMP certificate used in production
• Custom checks

Document type has state ‘deprecated’ in Peppol Document Types Code List

config item: document_type_deprecated_in_peppol_codelist

This test matches the supported document types of a participant against the current version of the Peppol Document Types Code List.

This test fails if a participant publishes support for a document type that has the state ‘removed’ in the code list.

Deprecated document types are document types that have been slated for removal, but are still allowed during phase-out.

Support for document type, but not for its Peppol-issued equivalent

config item: document_type_mandatory_not_supported

The Peppol Transport Infrastructure Agreement requires that Peppol BIS document types are supported for any category of documents that have an official Peppol BIS document Type (section 12.2).

For instance, if the receiving party accepts ‘invoice’ documents, it should support Peppol BIS Invoice documents.

This test matches the supported document types of a participant against the current version of the Peppol Document Types Code List.

For any document type that is not issued by OpenPeppol, it checks whether there is an equivalent (matched by XML Namespace and XML root element) of the document type that is issued by openpeppol.

If the participant does not support that document type as well, the test fails.

Note: there is one exception: Since Invoice documents can also represent credit notes, and therefore CreditNote documents are sometimes not directly supported, this check is ignored for (UBL) CreditNote documents.

Transport has state ‘deprecated’ in the Peppol Transport Profiles Code List

config item: transport_deprecated_in_peppol_codelist

This test matches the supported transport profiles of a participant against the current version of the Peppol Transport Profiles Code List.

This test fails if a participant publishes support for a transport profile that has the state ‘deprecated’ in the code list.

Duplicate transport for process and document type

config item: transport_duplicate

For every document type that a receiving party on the Peppol network supports, the SMP publication contains a number of ’transport’ entries: one for each supported transport protocol to deliver messages for this recipient. These entries contain the details necessary to set up a secure communication channel to deliver the message.

This test fails when there is more than one entry for a combination of transport type, process, and document type.

As per SMP specification:

For the list of endpoints under each Endpoint element in the ServiceEndpointList, each endpoint MUST have different values of the transportProfile attribute, i.e. represent bindings to different transports.

If multiple entries for the same transport are present, it is undefined which one of these is to be used by sending access points.

Process has state ‘deprecated’ in Peppol Code List

config item: process_deprecated_in_peppol_codelist

This test matches the supported processes of a participant against the current version of the Peppol Processes Code List.

This test fails if a participant publishes support for a process that has the state ‘deprecated’ in the code list.

Access Point certificate could not be parsed

config item: accesspoint_certificate_parse_error

Communication on the Peppol Network is protected by official Peppol Certificates. Each Service Provider has their own Peppol Certificate, which they use to encrypt and sign messages on the Peppol network.

These certificates are used to protect communication, and to make sure the other party is a valid and certified Peppol Member.

This test fails when the access point certificate published for a recipient cannot be parsed by the compliance checker at all.

Access Point certificate has been revoked

config item: accesspoint_certificate_revocation

Communication on the Peppol Network is protected by official Peppol Certificates. Each Service Provider has their own Peppol Certificate, which they use to encrypt and sign messages on the Peppol network.

These certificates are used to protect communication, and to make sure the other party is a valid and certified Peppol Member.

This test fails when the access point certificate published for a recipient has been revoked by OpenPeppol, because it has been replaced or because the Service Provider has been removed from the Peppol network.

Peppol Test certificate used in production

config item: accesspoint_certificate_peppol_test_used_in_prod

Communication on the Peppol Network is protected by official Peppol Certificates. Each Service Provider has their own Peppol Certificate, which they use to encrypt and sign messages on the Peppol network.

These certificates are used to protect communication, and to make sure the other party is a valid and certified Peppol Member.

Testing should not be done on the production network; Pepppol has a separate network and PKI for this. Test participants are published in the SMK instead of the SML, and different certificates are used for this purpose.

This test fails when the access point certificate published for a recipient is from the Peppol Test network instead of the production network.

SMP certificate has expired

config item: smp_certificate_expiration

Communication on the Peppol Network is protected by official Peppol Certificates. Each SMP Service Provider has their own Peppol Certificate, which they use to encrypt and sign messages on the Peppol network.

These certificates are used to verify that information published in an SMP is published by a valid and certified Peppol Member.

This test fails when the SMP certificate used for recipient publication has expired and is no longer valid.

Non-Peppol SMP certificate

config item: smp_certificate_peppol_pki

Communication on the Peppol Network is protected by official Peppol Certificates. Each SMP Service Provider has their own Peppol Certificate, which they use to encrypt and sign messages on the Peppol network.

These certificates are used to verify that information published in an SMP is published by a valid and certified Peppol Member.

This test fails when the SMP certificate used for recipient publication was not issued by OpenPeppol.

Custom checks

There are a number of (country-specific) custom checks we perform. We do not list them here, but if you have specific requests, let us know and we can discuss them.