AB Volvo has implemented session level encryption by using Transport Layer Security (TLS). The TLS provides data confidentiality by encryption of all protocol commands and data exchanged between Volvo Group and our partners. This will provide enough security, preventing a third party from extracting any useful information from the transmission.
Technical requirements for EDI Partner
The EDI partner needs to take action to secure the fulfilment of the technical requirements:
• Implement OFTP2 support in your EDI system
• Acquire a SSL Certificate issued by a Certificate Authority that has been approved by Volvo, see list below.
• The Common Name (CN) of your server certificate should contain the Fully Qualified Domain Name (FQDN) of your OFTP2 server. Do not use a static IP as host name.
• Volvo uses TLS line security (session encryption only).
• The validation is done against Root CA Certificates. That means that your certificate is NOT stored at Volvo and you should store only the Root CA Certificate of Sectigo for verification of Volvo's certificate. (For most of our EDI partners it is enough to verify Volvo's certificate via Sectigo Root CA but in a few cases the intermediate certificate is also needed.
Import the Root CA Certificate of Sectigo into your EDI System, found at:
Download SHA-2 Root : USERTrust RSA Certification Authority
Serial #: 01 FD 6D 30 FC A3 CA 51 A8 1B BC 64 0E 35 03 2D
SHA1 Fingerprint: 2B 8F 1B 57 33 0D BB A2 D0 7A 6C 51 F7 0E E9 0D DA B9 AD 8E
SHA256 Fingerprint: E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
If necessary; also import the intermediate certificate found at:
Download Sectigo RSA Organization Validation Secure Server CA [ Intermediate ]
Serial #: 13 7D 53 9C AA 7C 31 A9 A4 33 70 19 68 84 7A 8D
SHA1 Fingerprint: 40 CE F3 04 6C 91 6E D7 AE 55 7F 60 E7 68 42 82 8B 51 DE 53
SHA256 Fingerprint: 72:A3:4A:C2:B4:24:AE:D3:F6:B0:B0:47:55:B8:8C:C0:27:DC:CC:80:6F:DD:B2:2B:4C:D7:C4:77:73:97:3E:C0
• Firewall configurations: Incoming and outgoing IP-addresses are different because of HW (cluster) solutions. Identity sending files from Volvo is 220.127.116.11 or 18.104.22.168. If possible configure your firewalls to accept files from 192.138.117*
• Your OFTP2 server address must be resolvable by a Reverse DNS Lookup as well as the ordinary lookup. In more technical terms, your server should have both A- and PTR-records registered in your DNS. Please see http://en.wikipedia.org/wiki/Domain_Name_System#Reverse_lookup for details
OFTP2 Communication Parameters
SSID (ODETTE-Code): O0942000055610326980VOLVO
Approved Certificate Authorities
VeriSign, Inc. (used by Volvo)
America Online Inc.
SECOM Trust Systems CO.,LTD.
TC TrustCenter GmbH
Equifax Secure Inc.
The USERTRUST Network
Starfield Technologies, Inc.
Comodo CA Limited
RSA Data Security, Inc.
The Go Daddy Group, Inc.
Encode Networks Svenska AB
Files sent to Volvo with other SFID than stated above will not be accepted.
Volvo does not normally use predefined virtual filenames. If this is requested, please fill out the virtual filename you wish to receive in the EDI Communication Form.
The file format will be Unstructured. Please notify us if you want any other file format.
The code representation will be ASCII. Please notify us if you want any other code representation.