Renewal of Enterprise EDIINT AS2 Certificates


Our company’s EDIINT AS2 certificates are getting expired by the end of Feb 2012. Currently, our Public certificates along with CA chain has been provided to around 170+ partners.

I want only 20 partners to change the certificate at a time. Is it possible for us to maintain old and new AS2 Certificates on Enterprise profile (PROD) at the same time - so that, If any of the partner fails to renew our Certificates on their system - They should still be able to communicate with our server (with no impact) until our older certs are expired?

Please suggest.


No I don’t think it works if you load multiple certs/chain in the profile…But you can test it QA/staging and see if the SSL handshake/chain verification works as expected with TP connectivity:



Note that we have 2 different types of certificates. 1 for SSL on Proxies and the other one for AS2 connectivity on Reals (internal). Both are expiring more or less in the same week.

170+ Trading Partners are located in different countries and they work in different timezones. It is impossible to ask all of them to change at the same time. I was looking for a solution with a minimal impact on business. Especially, Partner’s failure to renew the certificates at the specified time will be fatal on PROD.


I am fear there isn’t any other way having new certs load and intimate TP’s to use your renewed certs…Did you discuss with SAG support folks for any alternatives.

Yes I understand your criticality but at somepoint, most folks do before hand notification/alert all TP’s for this change to happen on a certain date (mandatory) and they should abide with your certs change in order to continue their bussiness with your enterprise: