Skip to content
Integration Insider
Menu
  • Integration Strategy
  • Integration Architecture
  • Security & Governance
  • AI in Integration
  • Career Growth
    • Soft Skills
  • Learn Integration
    • Integration foundation
  • Learn EDI
    • EDI Cheatsheets
    • EDI
  • Tools and Platforms
    • Cloud & Container Technologies
  • Python
    • Python for Beginners
  • Resources
  • About Integration Insider
  • Subscribe to Newsletter
Menu

EDI Cheat Sheet for AS2 Setup

Posted on November 12, 2025

A complete beginner-friendly guide that explains AS2 in plain language and gives you a step-by-step setup flow.

1. What Is AS2?

AS2 (Applicability Statement 2) is a secure highway for sending EDI files between businesses.

It gives you:

  • Encryption → the file is unreadable during transit
  • Digital signatures → proves who sent it
  • Receipts (MDNs) → confirmation it arrived
  • Real-time delivery → no waiting in mailboxes

AS2 is the most popular EDI transport today because big retailers (Walmart, Amazon, Tesco, Sainsbury’s, Boots, Carrefour, etc.) prefer it.

2. What You Need Before Starting AS2 Setup

Every AS2 connection requires five basic ingredients.

Think of it as a recipe.
If even one ingredient is missing, the setup won’t work.

1. AS2 ID (Your ID)

A unique name that identifies you.
Example:
YOURCOMPANY_AS2

2. Your URL (Your AS2 Endpoint)

The URL where you receive AS2 messages.
Example:
https://as2.company.com/as2/receive

3. Certificates

You need two pairs:

  • Public certificate you send to your partner
  • Private certificate you keep (for signing & decrypting)

Your partner also gives you their public certificate.

4. Partner’s AS2 ID

Like yours, but for them.

YOURTRADINGPARTNER_AS2

5. Partner’s AS2 URL

Where you send files to.

3. How AS2 Communication Works

You → encrypt the file with partner’s public certificate
You → sign the file with your private certificate
You → send it to partner’s AS2 URL

Partner → decrypts using their private certificate
Partner → verifies signature using your public certificate
Partner → sends back an MDN receipt

You → confirm MDN → end of flow

This cycle repeats for every EDI document.

4. Step-by-Step AS2 Setup

Below is the universal process that works for:

  • Boomi
  • MuleSoft
  • SAP PI
  • Seeburger
  • Cleo Harmony
  • IBM Sterling
  • Custom AS2 servers

Step 1: Exchange AS2 IDs & URLs

Both sides share:

ParameterYou ProvideThey Provide
AS2 IDYOURCOMPANY_AS2TRADINGPARTNER_AS2
AS2 URLhttps://as2.yourcompany.com/as2https://as2.tradingpartner.com/as2
Public Certificate✔️✔️
Name of the Business PartnerYOURCOMPANYTRADINGPARTNER
Test & Production Endpoints✔️✔️

This is called the trading partner profile.

Step 2: Exchange Certificates

Each side sends:

  • Public certificate (for encryption / signature validation)
  • Details of certificate expiry
  • Certificate format (usually .cer or .pem)

Best practice:

  • Use separate certificates for test & production.
  • Rotate certificates before they expire.

Step 3: Configure Outbound AS2 (You → Partner)

You configure how you send documents.

You set:

  • Partner’s AS2 ID
  • Partner’s AS2 URL
  • Partner’s public certificate (for encryption)
  • Your private key (to sign messages)
  • AS2 MDN settings (Synchronous is most common)
  • Compression (optional)
  • Content type (usually application/edi-x12 or application/edifact)

Important outbound settings:

  • Signing: SHA256
  • Encryption: AES256 or 3DES
  • MDN: Synchronous (most common)
  • AS2 version: 1.2

Step 4: Configure Inbound AS2 (Partner → You)

You configure how you receive documents.

You set:

  • Your AS2 ID
  • Your inbound URL
  • Your private certificate (to decrypt)
  • Partner’s public certificate (to validate signature)

Important inbound settings:

  • Check “Expect signed messages”
  • Check “Expect encryption”
  • Set folder or endpoint where inbound files land
  • Enable MDN: “Send back synchronous MDN”

Step 5: Test Connectivity (AS2 Ping / AS2 Test File)

Partner sends a small test file:

  • Usually a dummy text file or a small EDI file
  • Validates certificates, signing, encryption, MDN

You can do the same test by sending dummy text file or small EDI to test connectivity with your trading partner.

If this succeeds → connection is alive.

Step 6: Test Real EDI Documents

Send and receive real EDI messages:

  • DESADV
  • INVOIC
  • ORDERS
  • INSDES

Check:

  • Partner receives them
  • MDN returns positive
  • Your system processes inbound files

This is the UAT phase.

Step 7: Move to Production

Once test is successful:

  1. Exchange production certificates
  2. Update AS2 URLs to production
  3. Retest real files
  4. Go live

5. Troubleshooting AS2

ProblemLikely CauseFix
Certificate errorWrong certificate / expiredReplace with new certificate
No MDN receivedPartner cannot reach your URLCheck firewall, ports, URL
Signature validation failedWrong public cert usedImport partner’s correct certificate
Decryption failedWrong private keyEnsure your private key matches the public cert
500, 400, 403 errorsNetwork block / content type mismatchAdjust headers, check gateway
Files arriving but emptyWrong encodingSwitch to binary mode

6. AS2 Best Practices

Here’s the guidance that makes you sound expert and visionary:

  • Always create separate test and production profiles

It avoids confusion and downtime.

  • Keep certificates renewed 30 days before expiry

Expiry is the #1 cause of AS2 failures.

  • Use the partner’s latest certificate for outbound

Never reuse old ones.

  • Enable detailed logging

AS2 debugging becomes much easier.

  • Always store MDNs

They serve as legal proof of delivery.

  • Validate file size limitations

Some partners reject >20MB files.

7. Security Concepts

Digital Signature

Confirms who sent the file and that it wasn’t modified.

Encryption

Makes the file unreadable during transit.

MDN Receipt

Partner says:
“Yes, I got your file and I’ve verified it.”

Non-Repudiation

Legal protection – nobody can deny sending/receiving.

AS2 Explained With a Real-Life Analogy: The Secure Courier System

Imagine two companies want to exchange important documents – not over email, not by post, but through a specialised secure courier service.

This courier system works like this:

Step 1: Both Sides Set Up Their Identities

Before they can send anything, both companies need:

  • A nameplate on their building → AS2 ID
  • An official delivery address → AS2 URL
  • A trusted identity badge → Public certificate

This tells the courier who the sender is, where to deliver, and how to verify authenticity.

Step 2: Agree on Security Rules

Both companies exchange their identity badges (certificates) so they can recognise each other.

It’s like saying:

“Here’s my badge. When my courier arrives, check this badge to be sure it’s really from me.”

You do the same with theirs.

This is certificate exchange.

Step 3: Configure How Parcels Will Be Delivered

Now both sides decide:

  • Should the parcel be locked? → Encryption
  • Should the parcel have a tamper-proof seal? → Signing
  • Should the receiver send a delivery receipt? → MDN
  • What type of parcel are we sending? → Payload format

This step makes sure the rules are aligned, like agreeing on:

“We will padlock the box, seal it, and you must sign a receipt the moment it arrives.”

Quick AS2 Setup Checklist

You provide to partner:

  • AS2 ID
  • AS2 URL
  • Public certificate
  • Contact details

You need from partner:

  • AS2 ID
  • AS2 URL
  • Public certificate
  • Content types they accept
  • MDN settings
  • Encryption & signature algorithms

You configure:

  • Outbound AS2 profile
  • Inbound AS2 listener
  • Certificates
  • MDN
  • Logging
  • Integration routing

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • The Art of Reaching Out: Why Honesty Matters in Professional Networking
  • Starting with Python: A Practical Step-by-Step Guide for Beginners
  • Docker & Kubernetes: Mumbai’s Tiffin Delivery Analogy
  • Boomi AI Agents: The Beginner-Friendly Explanation You Wish You Had Earlier
  • What Is Integration? The Simplest Explanation You’ll Ever Hear
  • AI in Integration
  • Boomi AI
  • Career Growth
  • Cloud & Container Technologies
  • EDI
  • EDI Cheatsheets
  • Integration foundation
  • Integration Strategy
  • Learn EDI
  • Learn Integration
  • Python
  • Python for Beginners
  • Soft Skills
  • Tools and Platforms
  • Uncategorized

Categories

Join the Newsletter

Subscribe Now

About Integration Insider

Learn More
Follow on LinkedIn
©2025 Integration Insider | Design: Newspaperly WordPress Theme