Guys, you are stretching the capacity of the system. Please remember, that this system has no SLAs!
Ping me if you are interested in knowing how to run some of the APIs on your own premises - use firstname@lastname.com to reach me….
This article explains one of the biggest mysteries in Peppol: how does the document exchange work and what roles does the SML (Service Metadata Locator) play in it.
To start a document exchange in Peppol, you need to have the following information before you can start submitting anything:
Lets start at the beginning. The first thing you need to do, is to find the SMP where the document receiver has registered its endpoints. Therefore the PPID and the SML information are required.
iso6523-actorid-upis and value 9915:test
acc.edelivery.tech.ec.europa.eu.
First thing that happens, is that the dynamic URL is assembled. The algorithm that is used is the following:
"http://B-" + hexstring(md5(lowercase(ID-VALUE))) + "." + ID-SCHEME + "." + SML-ZONE-NAME
ID-SCHEME and ID-VALUE are taken from the PPID
and the SML-ZONE-NAME is taken from the SML used.
That implies that each different identifier (as good as MD5 can do it) will create a different DNS name.
For the identifier iso6523-actorid-upis::9915:test and the SMK the created URL is
http://B-85008b8279e07ab0392da75fa55856a2.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu
Note: Due to this way of URL creation, the usage of https is not possible, because each SMP would need a TLS certificate for *.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu which renders the trust part useless.
This URL is resolved via the Domain Name System (DNS) as CNAME or A records to the
IP address 85.158.225.152 which is the IP of the server http://test-infra.peppol.at.
This is exactly the server name that was used when registering the SMP to the SMK.
However, the value of Host HTTP header is always set to B-8500...tech.ec.europa.eu.
See below for a link on what happens on SMP to SML registration.
Now it is two-step process.
First step is to build the domain name via
strip-trailing(base32(sha256(lowercase(ID-VALUE))),"=") + "." + ID-SCHEME + "." + SML-ZONE-NAME
ID-SCHEME and ID-VALUE are taken from the PPID
and the SML-ZONE-NAME is taken from the SML used.
That implies that each different identifier will create a different DNS name.
For the identifier iso6523-actorid-upis::9915:test and the SMK the created domain is
eh5boavaktmbgzyh2a63dz4qov33fvp5nsdvqklucfraayoodw6a.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu
Second lookup step is to perform a DNS lookup with the created domain using the NAPTR record type.
On Linux based systems this can be e.g. done on the commandline via the dig -t naptr.
For the example identifier above, the full command is
dig -t naptr +short eh5boavaktmbgzyh2a63dz4qov33fvp5nsdvqklucfraayoodw6a.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu
and the output for this command is
100 10 "U" "Meta:SMP" "!.*!http://test-infra.peppol.at!" .
Pick the record that uses the type U and the service Meta:SMP and apply the
regular expression !.*!http://test-infra.peppol.at! which is de facto a complete replacement
of the source domain so that the outcome is http://test-infra.peppol.at.
Note: From November 1st, 2025 the result in production may use https scheme and may contain
an optional path after the domain.
From February 1st, 2026 the result in production must use https scheme and may contain
an optional path after the domain.
Now that we have the base URL is already the URL to the SMP and all that is left to do, is to append the participant identifier to the URL to get all supported document types.
For the example the URL would be
http://B-85008b8279e07ab0392da75fa55856a2.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu/iso6523-actorid-upis::9915:test.
To see that this is just a DNS forward you can compare the results of
http://B-85008b8279e07ab0392da75fa55856a2.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu/iso6523-actorid-upis::9915:test
and
http://test-infra.peppol.at/iso6523-actorid-upis::9915:test
and see that there is no difference in the responses.
For the example the URL would be
http://test-infra.peppol.at/iso6523-actorid-upis::9915:test.
The reason why the participant identifier needs to be appended again is solely than an SMP can host multiple participants on the same server.
Now that the SMP URL is known, the SMP query with the document type
(following the schema http://smp.url/participantID/services/documentTypeID)
can be performed.
The resulting, digitally signed document must be parsed so that the endpoint matching the
desired process ID and transport protocol can be retrieved.
This is finally the AP URL to which the business document is to be send.
All the above mentioned steps are usually handled by the SMP client software, like my OpenSource SMP client or my OpenSource standalone SMP query application.
The last step is the transmission of the business document to the endpoint URL determined in the previous step. Additionally, components like special validation services etc. may be used depending on the effective setup but they are not covered in this article.
This is the task of the AccessPoint client (or sending AP).
And how was the SML involved in all of this? Not at all!
Only the Domain Name System (DNS) is queried upon a document exchange.
And if the DNS ever fails, there are usually more severe issues than not being able to send documents via Peppol.
And that is one of the smartest elements of the Peppol Network:
No central single point of failure that can stop the document exchange for everybody.
A detailed description can now be found at SMP-SML interplay.