CHANGES IN FRAMEWORK CONDITIONS FOR AS2 CONNECTIONS
Changes in the framework conditions for AS2 connections occur on a regular basis and are normally initiated by the interchange partner. Because this is direct peer-to-peer communication, such connections are heavily encrypted using certificates for maximum security.
Change requests mostly concern basic parameters:
- changing certificates—AS2 certificates are used to encrypt data communication. To implement this, sender and receiver must interchange their respective certificates and store them in the AS2 communication modules in use on site. For security reasons, these certificates have a limited term so that in practice the shared certificates need to be renewed on a regular basis. Choosing the communication protocol: AS2 connections can be based on the HTTP or the HTTPS protocol. For security-related considerations, the HTTPS protocol is preferable here. Older AS2 implementations, in particular, are still based on the HTTP protocol. In order to guarantee an up-to-date level of security, these connections are increasingly being converted to HTTPS. The backdrop is that in HTTP connections only the file content is encrypted, whereas in HTTPS both content and connection are encrypted.
- A change in the IP landscape: reorganizing internal IP address pools often leads to changes in IP addressing that must then be verified in the respective AS2 modules. Because the peer-to-peer communication modules are mostly located in the DMZ for security reasons, changes in the DMZ infrastructure lead virtually inevitably to adjusting IP addressing and firewall parameters (activation). These adjustments often even require changes to the server paths.
For these reasons, relatively frequent requirements arise in practice with respect to changes in AS2 framework parameters; the most recent examples are:
- Changing IP and server paths in Ahold CZ
- certificate changes in AS2 communication with Hagebau (changeover date: 11/28/2018 at 10:00 a.m.)
- Certificate change in AS2 communication and change in IP addresses at Lidl (changeover date: 11/08/2018 at 12:01 a.m.)
- Change in IP addresses at 1WorldSync (changeover on 11/25/2018 at 10:00 p.m.)
- Expiry of the current AS2 certificate at Bosch Rexroth (changeover on 07/09/18)
Softzoll offers its customers every change in connection with adjusting AS2 connections at a fixed price, including implementation and connection tests. Whether our customers run an in-house system or the system is located in the Berlin data processing center is not important here. Keywords Softzoll, EDI, EDIFACT, AS2, AS2 connections, certificate, changing certificates, communication protocols, HTTP, HTTPS
- Softzoll, EDI, EDIFACT, AS2, AS2-Verbindungen, Zertifikat, Zertifikatswechsel, Kommunikationsprotokolle, http, https