Skip to Content
Pillar Pages

What Is AS4?

AS4 (Applicability Statement 4) is a message protocol based on web services to securely exchange B2B messages between trading partners. The protocol was developed by the technical committee of OASIS (Organization for the Advancement of Structured Information Standards) for ebXML Messaging Services. AS4's web services capability gives it the opportunity to develop into a cloud-based communication standard.

Comparison AS2 and AS4

AS4 and AS2 are very similar by design. During the development of AS4, all advantages of AS2 were analyzed, worked out and inspired by them. In contrast to AS2, AS4 works within a web service context and also has better interaction patterns and delivery notifications. In addition, compared to AS2, AS4 has the option of actively pulling messages by the recipient, since the AS4 server is permanently active.

Main features of the AS4 messaging standard

  • Interoperability: The AS4 messaging standard is defined based on the OASIS standard
  • Security: A subset of web services security features is used to ensure the non-repudiation of the message and data confidentiality
  • Reliability: by exchanging confirmations, AS4 ensures a one-time delivery
  • Independence from use: any type of payload (EDI, XML, ...) can be exchanged

AS4 Messaging Service Handler

The Messaging Service Handler (MSH) is responsible for setting up the AS4 message exchange with the remote station on the sending or receiving side. Communication with the remote station must comply with AS4 specifications and be able to communicate with an internal business application.

 White Paper

Accelerate and Automate Business-Driven Innovation with Integration

Read now

Message types of AS4

The ebMS 3.0 specification defines the following message types defined within the AS4 usage profile:

User Message

contains the business payload that is exchanged between the business applications of two parties

Signal Message

have the function of establishing non-repudiation and reliability. There are three different types:

  1. Receipt: Confirmed that the received MSH could analyze the incoming message
  2. Error: Confirms that the received MSH encountered a problem while parsing the incoming message.
  3. Pull request: Supports the pull message exchange pattern.

The areas of use of AS4

AS4 is increasingly being used in markets that use a service-oriented architecture for B2B messaging. These include the retail trade, the healthcare and the utilities sector.

For example, the European gas network operators (ENTSOG) have already defined their own usage profile in 2015. Other uses that rely on AS4 include:

  • Peppol (Pan-European Public Procurement Online)
  • e-CODEX (e-Justice communication via online data exchange)
  • ENTSOG (European Network of Transmission System Operators for Gas)
  • EPREL (European Product Registry for Energy Labelling)

Learn more about how SEEBURGER AG offers its customers an AS4 gateway for various purposes.

What are the general advantages of AS4?

The source is clearly defined by digital signatures
Data security through encryption is secured
Proof of timely delivery by delivery notification receipt
Support for large file compressions and file transfers




Will the migration period be extended to April 1, 2024?

The AS4 migration period will not be extended.

AS4 profile

Where can I find details of the AS4 profile? Is this available to view anywhere?

You can find information on the AS4 profile for MaKo on the edi@energy page.

Does AS4 use the push or pull method?

MaKo only uses the push method.

Is the URL in the certificate the AS4 address or web address where I can get the AS4 parameters?

The URL is the same as the AS4 address used for communication.

When can I consider a file “delivered“ through AS4? Is there a time stamp I can refer to?

Your file has been successfully transferred via AS4 if you receive a synchronous, non-repudiation receipt (NRR).

As with smart meters, do I have to provide a separate host name for each connection?

Each endpoint, i.e. each individual partner ID, requires a hostname.


What is HSM?

HSM is an acronym for Hardware Security Module. This is used to generate and store private keys.

Can my company only use one HSM?

A company can use multiple HSMs. There are no restrictions to the number you can use.

Can I use the same HSM for smart meter communication and MaKo?

Yes, you can use the same HSM. You can find more details in the BSI Certificate Policy (CP) for Smart Metering PKI version 1.1.2.

What HSMs can I use?

From what we know so far, you can use any HSMs that have already been approved for SM-GW communication by the BSI.

Can I implement and use one HSM for multiple organizations and customers or are there scenarios that require two or more HSMs?

You can use one HSM for several organizations and customers.

From now on, will every MaKo process via AS4 access my HSM in order to retrieve the certificate information?

All cryptographic operations that need a private key take place within the HSM.

The CP was published by the BSI in March 2023. It describes that no HSM and no process can be streamlined for "smaller scenarios." How exactly is that to be interpreted, since some passages of the CP also contradict each other?

Contradictory passages from the CP related to storing the keys for communication with the sub CA, and not for market communication, will be corrected.


Which sub CAs can I use for MaKo and from when?

Find more information on all sub CAs in this list from the Federal Office for Information Security (BSI): SubCA-Liste.

Can the TLS-SSL certificate for an incoming AS4 https endpoint come from a free CA, or does it need to come from the BSI PKI?

You must use a TLS certificate from the smart metering public key infrastructure (SM-PKI).

Do I actually need a separate AS4 certificate for each role or division? This field has always been optional for AS2?

The certificate policy for the smart meter PKI stipulates an individual AS4 certificate for each MP-ID - i.e. also for each division- as the MP-ID must be maintained in the certificate.

Will there be permanent AS4 certificates? Or will they also expire after a certain period and need to be re-obtained?

From what we know so far, the AS4 certificates will expire after two years.

Migration scenarios

What can I do if market participants are still not able to use AS4 after October 1, 2023, or if my own company has not migrated to the new messaging protocol yet?

There are no clearly defined rules or consequences for this scenario. However, it is obligatory to have fully migrated by March 31, 2024 at the latest.

Where can I find the BDEW recommendations for the migration period?

You can find the BDEW application help “introductory scenario for migrating to AS4” on the Edi@Energy website.

What is the process for automated migration to AS4 after the test period, or after a request for migration has been issued?

The conversion service sends a conversion request to the partner. Your partner confirms the request, after which you can use AS4 to communicate in both directions.

Can I completely delete email communication data during the migration period?

Please ensure a fallback option to email in the unlikely case that an error occurs during the migration period of October 2023 to March 2024.

What if a market participant can’t be contacted via AS4, i.e. retry continues to fail?

If the connection fails even after repeated attempts, the sender receives an error notification. However, if only a single transmission fails, this does not mean that the whole market communication has been disrupted.


Have there beeninteroperability tests with other manufacturers?

SEEBURGER is in contact with other manufacturers and service providers as well as via various working groups, such as BDEW, EDNA. The tests are ongoing.

Are there exemptions for certain market participants or limitations for SMEs?

No, there are no exemptions.

Where is the data decrypted?

In the HSM.

Why are there two versions of the regulations for the transmission paths? Which one is valid?
  • Both will be valid.
  • RzÜ from version 2.x regulates the AS4 communication for MaKo in the electricity sector.
  • RzÜ from version 1.x regulates the communication for MaKo in the gas industry which has not yet changed, Redispatch 2.0.
What are the e rules for the gas industry?

RzÜ 1.x continues to apply to the gas industry.We currently have no information when they are implementing AS4.

The 24-hour supplier change process is currently in consultation. What impact does this have on market communication?

The effects on MaKo are not yet known, as the individual process steps have not yet been defined. However, this has no effect on today's MaKo.

Connection to the SEEBURGER AS4 Cloud Service

How do I connect to the AS4 cloud service?

Connect via AS2 or a REST service.

Do you work in a sector with its own specific needs?

Take a look at the SEEBURGER range of industry-specific solutions