- The vendor relationship requires data exchange, and Amazon prefers that you use Electronic Data Interchange (EDI) to exchange data with them.
- EDI is an industry standard for transferring data between computer systems or computer networks.
- EDI over the Internet (EDIINT) is a working group of the Internet Engineering Task Force (IETF) that is chartered with creating specifications for transporting EDI or XML documents over the Internet in a secure, highly reliable manner.
- Amazon defines secure as digitally signed and encrypted.
- Amazon trading partners each get a dedicated AS2 server configuration for electronic data exchanges with them.
- AS2 is the preferred method, but if you cannot use AS2, FTP is an acceptable alternative.
- Applicability Statement 2 (AS2) is the current EDIINT/IETF specification for transporting data between organizations via the Internet.
- EDI over the Internet (EDIINT) is a working group of the Internet Engineering Task Force (IETF). They create specifications for transporting EDI or XML documents over the Internet in a secure (digitally signed and encrypted), highly reliable manner.
- AS2 allows organizations to implement a certified interoperable (plug-and-play) solution for data exchange with any other business partners who are using an AS2 solution.
- It provides S/MIME encryption and security over HTTP or HTTP/S. S/MIME (Secure/Multipurpose Internet Mail Extensions) is the standard means of transporting virtually all Internet email. It secures data with:
- Authentication
- Message integrity
- Non-repudiation of origin
- Privacy features
11. HTTP (Hypertext Transfer Protocol) and its secure form, HTTP/S define how messages are formatted and transmitted and what actions Web servers and browsers should take in response to various commands.
12. All certified AS2 software vendors voluntarily choose to participate in a testing process and pay to support the cost of their participation.
13. Each Interoperability Test Round confirms that products-with-version will interoperate with all other products-with-version listed within that test round.
14. If you plan to use AS2, go to EDI > Self Service Setup in Vendor Central.
15. Because the Inventory and Cost Feeds have a specific filename convention, you must configure your AS2 system to preserve filenames in the AS2 transmission.
16. Certified AS2 software can be found here: http://www.drummondgroup.com .
17. You will need to configure the AS2 software for your network, firewall, and encryption.
- You will be provided with a unique AS2 server configuration on Amazon.com.
- If you filter your network traffic by IP ranges or port, the following IP addresses need to be configured to access your systems.
- 107.21.95.192/27 subnet 255.255.255.224
- 107.21.95.224/27 subnet 255.255.255.224
Note: The above IP addresses are ranges and most firewalls allow for the subnet to be entered. Here is how these ranges break down:
- 107.21.95.192/27 has a subnet mask of 255.255.255.224 which means the range is 107.21.95.192 through 107.21.95.223 for a total of 32 IP addresses.
- 107.21.95.224/27 has a subnet mask of 255.255.255.224 which means the range is 107.21.95.224 through 107.21.95.255 for a total of 32 IP addresses.
2. If you filter inbound traffic by port, you will need to allow Amazon to access your AS2 server’s port.
3. If you filter outbound traffic by port, you will need to allow your network to access the Amazon SimpleEDI Hosted AS2 service running on port 80.
- The encryption methods available are:
- PKI – S/MIME encrypted/signed
- Encryption Algorithm: 3DES–168
- Hashing Algorithm: SHA1
- Receipt Type: Request signed receipt
- Receipt Algorithm: SHA1
- MDN: Asynchronous
- The Amazon AS2 servers run in the cloud, so externally facing IP addresses change frequently within the ranges listed above. Amazon recommends that you set your TTL (Time To Live) for the DNS cache so that it will expire the results and force a DNS lookup periodically to ensure continued connectivity with Amazon, even if the IP address of the AS2 server changes.
- Java-based AS2 servers: Add -Dsun.net.inetaddr.ttl=60 to your startup script to protect against future IP address changes.
- All other AS2 servers: If your AS2 server caches DNS results, you will need to set up your DNS caching options correctly.
2. If you still experience AS2 connectivity issues, click Contact Us on any Vendor Central page. Run the following command on your AS2 server and provide Amazon the output in the contact case.
- Windows: tracert as2.amazonsedi.com
- UNIX: traceroute as2.amazonsedi.com