Setting up AS2
1 Prerequisites for AS2 communication
With email, one can send a message to any other recipient without prior authorization or any specific configuration. In AS2 communications, each partner must complete specific configurations to allow them to communicate. This must be performed for and between each and every partner, before any communication can take place. When two partners are establishing an AS2 connection, they must exchange their AS2 identifiers, URLs and certificates with each other. Each partner then creates a ‘Partner’ entity on their AS2 software to represent the other partner. This ‘Partner’ is created using the certificate provided by other partner, the AS2 identifier and URL, usually sent over an email.
1.1 AS2 Software setup
AS2 software setup will depend on the option selected by the organization. Some of the common options available are:
1.1.1 On-premise installation
Traditionally, most software applications have been installed on-premise, within the data center of an organization. Traditional AS2 software maybe installed on actual hardware or servers, or on Virtual Machines (VMs), or newer Containers or Kubernetes. On-premise software will usually run on Linux or Windows operating systems.
Advantages:
- Meet regulatory or compliance requirements to keep all data within the customer organization and network. e.g. Requirements to keep personal information within the EU, GDPR, Government requirements etc
- Ability to utilize traditional technology for tight integration with existing internal systems. e.g. ability to use shared file systems, databases, messaging systems such as JMS/MQ etc.
Disadvantages
- High cost of initial investment and operational expenses
- Require underlying hardware / virtual machines or containers and licenses for operating systems
- Cost of management and maintenance (e.g. OS and security updates etc)
- Cost of storage and network bandwith, requirement for high availability and fail-over
- Limited ability to integrate with natively cloud based systems and technology such as S3 storage
1.1.2 On-Cloud installation
On-cloud installations provide an easy mechanism to meet regulatory requirements. They also allow the hosting of applications on a highly available cloud environment, and making use of auto-scaling, to ensure availability and performance.
Advantages
- Meet regulatory or compliance requirements to keep all data within the customer organization and network. e.g. Requirements to keep personal information within the EU, GDPR, Government requirements etc
- Native cloud technology based solutions utilizing Serverless technology etc will be able to provide infinite scalability and availability
- Lower cost of operation and maintenance, especially with cloud-native serverless based solutions
- More flexibility to integrate with cloud native services or technology such as S3, SQS, SNS, Google storage etc
- Ability to host legacy AS2 software, but in a cloud environment
Disadvantages
- Limitations in integration with already existing legacy on-premise technology of customer
1.1.3 SaaS Subscription
Hosted Software as a Service (SaaS) solutions offer AS2 service availability within minutes. Users can self signup and setup their AS2 configurations with a modern web based interface. Costs are usually very much lower, especially for small volume users, and payments will be based only on the actual volume used, allowing more capacity as a business grows.
Advantages
- Simple to get started within minutes. No requirements for hardware or software resources, or purchases
- No systems to maintain, update, and no operational costs
- No startup costs or delays
- Pay only for volume used, and upgrade or downgrade as volume changes
- Costs will be exceptionally low with solutions utilizing cloud-native technology such as storage and serverless computing
Disadvantages
- Maybe an issue where data needs to be located in a specific geographic region or within the organization network. In such cases, a worthwhile compromise would be a dedicated, and isolated instance hosted only for the client, in the selected geographical region.
- Limitations in integration with already existing legacy on-premise technology of customer
2 Testing AS2 connections
After each partner creates a ‘Partner’ entry to represent the other, they first test connectivity by sending messages to each other. Usually the test file will be a simple text file, which the other partner will open up to verify is intact. Each partner also issues an MDN, if applicable, to confirm the receipt of the file, and it is checked to confirm that the MDN is successful. After both partners can successfully send and receive a test file with each other, the AS2 connection can be considered complete and tested.
When separate AS2 stations are used for testing and production, the above steps will have to be performed in the production configuration after completing the testing in the test environment. While larger organizations may have a separate test and production deployment, a small party can just create and use a single AS2 station, which simplifies operation.
2.2 Loopback testing with AS2 software
A loopback test in AS2 is where you would create both a Station to represent your organization, and a mock partner for testing. In reality this means the software will actually create two stations say A and B, and two partners B and A. A user can send a file from Station A to Partner B, and test its receipt at Station B, and vice versa.
2.1 Load Testing AS2 software
Loopback testing can be conducted to send and receive messages to the same AS2 software, and this could be used to generate a load test. In addition, any ApacheBench style HTTP/S load generator could be used with a hard coded AS2 request of a chosen size such as 1MB, and used to generate a huge load of incoming messages to the AS2 platform. This type of testing can be used where a platform needs to be tested and certified for deployment for large organizations, exchanging billions of messages per month. Our team has conducted such huge performance tests, and will be able to share resources, software and know-how to assist any customer with such a requirement. Please contact for more information.
3 Setup of actual AS2 connections
The actual AS2 configuration will be highly dependent on the solution used. For on-premise deployments, the solutions may allow customization with existing applications that are required to be integrated. Similarly, on-cloud solutions maybe deployed to customer cloud accounts on platforms such as AWS, GCP or Azure.