I've made this project https://sourceforge.net/projects/as2openssl/
a year ago (though I uploaded it until yesterday to SF), and it works ok to a good level. It's not a large project, I've kept it as simple as possible and sure it can be made even simpler. I just tried to follow the RFC and implemented all from scratch. Testing it against a "certified" version, works ok when receiving messages: it decrypts, it checks signature, produces the MDN (a kind of elegant receipt) and the partner takes the MDN as correct, so the 2 computers talk in a matter of seconds and agree that all is ok. What it's been still uncertain is why the communication can not be started on my side. The business-partner seems to not have enough information to say why the message is not right. They have checked headers, which seem ok. The message is received by them but not parsed and no MDN is produced for me which is simply against the RFC-4130 because at least a MDN with an error should be produced. Not want to stuff this initial message with all the tests done so far.
I just wanted to invite the enthusiasts of openssl and ecommerce to participate in this open source project, it's made in perl, but I'm willing to switch anything of course if it's worth the change and if it makes all things easier.
Clients for not open source options pay up to 80,000 dlls, but needs for e-commerce are everywhere and allow opensource versions for free with room for trainers, setup engineers/technicians, all starting at 300 dlls. From there, you still have to translate all invoice, purchase order databases into XML to feed the e-commerce AS2 and other electronic invoicing systems.
All comments welcome, it hasn't been easy to find people interested; seems like cryptography scares many; no doubt it has its difficult things, but I've found a good way to deal with the thing with not so much trouble, so I'm ready to transmit the knowledge I've aquired over to help others and continue developing.
Thanks for reading and sincere regards