3 Aspects To Consider When Introducing AS4
On March 31, 2024, the transition phase for the changeover of the transmission path in the context of market communication ended. By this date, all participants in the electricity market were required to have switched the transmission path from SMTP to AS4 in accordance with the BDEW guidelines. Since version 15, NoSpamProxy has also offered this form of transmission and symbolically acts as a loading station between the SMTP and AS4 protocols. Read this blog article to find out which three points you should pay attention to when switching to the AS4 protocol.
In addition to the protocol change, the origin of the certificates has been regulated much more strictly. These must now be obtained from the state-controlled Smart Metering PKI. A certificate triple must be procured for each role in the market. A triple consists of a TLS certificate, a signature certificate and an encryption certificate. In order to guarantee the best possible protection of the private keys, the keys of the signature and encryption certificate must be stored on a Hardware Security Module (HSM). The operation of an HSM was still uncharted territory for many customers, so the knowledge required for this project was correspondingly high.
„After the first three weeks of the transition phase, our customers and we can definitely draw a positive conclusion. Of course, there have been a number of questions and occasionally minor problems when exchanging messages with other manufacturers. However, the short paths between development and support were very helpful in overcoming these and were very well received by our customers.”
Stefan Cink, Director Business and Professional Services
Do I need a Hardware Security Module (HSM)?
As an active market participant, the use of an HSM is mandatory. Regarding the use of an HSM for passive market participants, the version of the Certificate Policy (CP) of the Smart Metering PKI dated 25 January 2023 (version 1.1.2) states that ‘[…] passive EMTs must use cryptographic modules that are at least compliant with the Key Lifecycle Security Requirements – Security Level 1. […] The specific requirements for the cryptographic modules must be derived by each market participant in accordance with the security concept to be drawn up by them.’ We therefore recommend that all market participants use an HSM.
Which certificates do I need?
As mentioned above, all market participants must obtain the required certificates from a registered Sub CA of the Smart Metering PKI. A list of these Sub CAs can be found on the corresponding page of the BSI.
We strongly recommend that the certificate request process is carried out as soon as possible. The issuing guidelines stipulate that a certificate triple must first be requested from the test CA of the respective CA. After the prescribed integration tests have been successfully completed, the customer then receives the triple from the active CA. NoSpamProxy provides the applicant with the best possible support during each of the individual steps.
How do I set up AS4 in NoSpamProxy?
Once the customer has stored their own market partner master data in NoSpamProxy and the certificates have been imported, the rest of the communication is largely automatic. Only the initial communication with a new market partner requires a manual step to exchange the appropriate certificates. Even this step is almost completely automated, only the AS4 communication needs to be requested. The certificate search is carried out by NoSpamProxy in the background.
High degree of automation and predictable costs
Not only the sophisticated technology with a high degree of automation, but also the attractive pricing of the new module were and are good reasons for customers in the energy sector to opt for NoSpamProxy as an AS4 gateway. In contrast to many market competitors, our customers benefit from predictable costs and are not negatively surprised by subsequent payments at the end of the year.
Switch to AS4 now
With NoSpamProxy, you can reliably protect your company from cyber attacks and benefit from seamless integration with AS4. Request your free trial version now!
