AS2 Connections
The AS2 protocol is a popular protocol for securely exchanging EDI files. Stedi provides fully-managed AS2 connections that take care of the intricacies of AS2 and scale automatically to meet your demand.
About AS2
You can technically use AS2 to exchange any type of file, but it is not commonly used outside of EDI.
AS2 and its predecessor, AS1, were designed to facilitate the secure exchange of business transactions using digital certificates and encryption prior to the popularization of HTTPS. AS2 was formalized in 2005 by the Internet Engineering Task Force (IETF) in RFC 4130. Despite the fact that HTTPS is now the de facto standard for secure message exchange, AS2 is still widely used throughout the business world. Modern AS2 connections, including those in the Stedi platform, can use both HTTP and HTTPS as the underlying transport protocol. The requirements for AS2 setup differ depending on whether you use HTTP or HTTPS.
Setting up an AS2 connection with a partner involves generating one or more public-private key pairs for use in encrypting and signing messages. Your partner will also need to generate their own key pairs, and then you and your partner will need to exchange public keys and agree upon an encryption algorithm.
View connection logs
You can view and filter logs for each AS2 connection. You can view three types of logs:
- Provisioning: These logs detail each step to create or update the connection, such as provisioning the certificates, making it easier to diagnose errors.
- Inbound: These logs detail each file that your partner sends to you over the connection.
- Outbound: These logs detail each file that you generate and send to your partner over the connection.
To view logs, go to the partnership associated with the connection and click the connection to view its details page.
Known limitations
-
Server-side TCP keep-alive is not supported. The connection times out after 350 seconds of inactivity unless the client sends keep-alive packets.
-
If an inbound message does not contain valid AS2 headers, it will not appear in the logs.
-
Multiple attachments and certificate exchange messaging (CEM) from AS2 version 1.2 are not currently supported.
-
For outbound messages, your partner’s server must support the Cryptographic Message Syntax (CMS) algorithm protection attribute for validating message signatures, as defined in RFC 6211. This is not supported in certain older IBM Sterling products.
-
For outbound messages over HTTPS, your partner’s endpoint must support the TLS version 1.2 protocol and one of the following cryptographic algorithms:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
Was this page helpful?