AS2 is a peer-to-peer protocol based on HTTPS and coded S/MIME, and is certificate-enabled using SSH encryption. The benefits of the AS2 protocol are the ability to push files and the ability to receive mail delivery notification (MDN). Optionally, MDNs may be signed and/or encrypted.
The client partner and American Express jointly conduct technical sessions to evaluate implementation requirements and to test connectivity. The AS2 Setup Form is used to capture the parameters for the configuration of the protocol and also to exchange certificates.
The client partner must use fully interoperable AS2 software for transport and must configure the software for asynchronous trading. It is strongly recommended that HTTPS be used. MDN format receipts must be provided in response to transactions. A trusted root authority certificate is required for HTTPS. A digital certificate is also required for encryption and identity; it can be self-generated by the AS2 software, but must follow the DER-encoded binary X.509 standard.
American Express only supports SSL over port 443 (this is the standard SSL port). The client partner should have 128-bit SSL client sessions enabled to send data and 128-bit SSL server sessions to receive data. Additionally, to receive data from American Express, a registered domain is required, along with a site certificate issued by a trusted root authority that certifies the site URL.
AS2 is a peer-to-peer file transfer protocol. Each side of the partnership must exchange a signing certificate (used for signing receipts) and an encryption certificate (for decrypting incoming documents). The public keys of these local signing and encryption certificates are provided to the remote partner, who then uses these certificates to encrypt documents sent to the local partner and to verify receipt and document signatures sent. AS2 gives an option of selecting different certificates for signing and encryption. However, most partners use the same certificate for both signing and encryption, including American Express. American Express prefers to receive the partner certificates in PEM or CER format.
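As an added example (not American Express or AS2 vendor code), the following Python accepts a certificate file in either DER or PEM form, checks that the outer DER framing is complete, converts it to PEM for the Setup Form, and computes a SHA-256 fingerprint both partners can compare out of band, which matters when the certificate is self-generated. The function names and the sample bytes are assumptions; the sample is a constructed placeholder with valid DER framing, not a real certificate, and the X.509 fields inside are not parsed.

```python
import hashlib
import ssl

PEM_HEADER = b"-----BEGIN CERTIFICATE-----"

# Constructed stand-in: a 260-byte DER SEQUENCE (4-byte header + 256-byte body).
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(256)


def der_outer_length_ok(der: bytes) -> bool:
    """True if the blob is one DER SEQUENCE whose declared length spans all bytes."""
    if len(der) < 2 or der[0] != 0x30:   # an X.509 certificate is an ASN.1 SEQUENCE
        return False
    first = der[1]
    if first < 0x80:                     # short form: the byte is the length
        header, body = 2, first
    else:                                # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        header, body = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return header + body == len(der)


def normalize_certificate(raw: bytes) -> dict:
    """Accept PEM or DER bytes; return encoding found, PEM text and fingerprint."""
    if raw.lstrip().startswith(PEM_HEADER):
        encoding = "PEM"
        der = ssl.PEM_cert_to_DER_cert(raw.decode("ascii").strip())
    else:
        encoding = "DER"
        der = raw
    if not der_outer_length_ok(der):
        raise ValueError("incomplete DER structure (truncated or wrong file type)")
    # The fingerprint is taken over the DER bytes, so it is the same whether the
    # partner sent the certificate as binary DER or as PEM text.
    digest = hashlib.sha256(der).hexdigest().upper()
    fingerprint = ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))
    return {"encoding": encoding,
            "pem": ssl.DER_cert_to_PEM_cert(der),
            "sha256": fingerprint}


if __name__ == "__main__":
    info = normalize_certificate(SAMPLE_DER)
    print(info["encoding"], info["sha256"])
    print(info["pem"])
```

Each partner runs the same check on the file it received and reads the fingerprint back over a separate channel before loading the certificate into the AS2 software.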
Exchange of the AS2 parameters is achieved through the use of the AS2 Setup Form. The following chart details the AS2 parameters for the American Express system for AS2 file transfers over the Internet.
American Express Internet Connection Parameters
AS2 Test Name —
Test URL — https://fsgatewaytest.aexp.com/
Test Port Number — 10443
AS2 Production Name —
Production URL — https://fsgateway.aexp.com/
Production Port Number — 10443
Receive Encryption Type — 3DES
Receive Signature Type —
Partner Receipt Type — MDN
Send Security Envelope — SSL
Send Encryption Type — 3DES
Send Signature Type — SHA-1
MS Receipt Type — MDN
For extranet file transfers, all parameters are as above, except the URLs. The test URL is https://fsgatewaytest.intra.aexp.com and the production URL is https://fsgateway.intra.aexp.com.