Ssl soap

i am using weblogic 5.1 with apache soap 2.1.i need to do a secure the soap services so i installed server certificates from verisign and set the weblogic properties appropriately.at startup i saw the ssl service start.i was able to view the stuff from a browser..but i am not able to connect from my client code to the https url.i tried replacing https in the url with t3s which throws malformed url exception.can any one help me with this?

i am using weblogic 5.1 with apache soap 2.1.i need to do a secure the soap services so i installed server certificates from verisign and set the weblogic properties appropriately.at startup i saw the ssl service start.i was able to view the stuff from a browser..but i am not able to connect from my client code to the https url.i tried replacing https in the url with t3s which throws malformed url exception.can any one help me with this?

Similar Messages

  • SSL SOAP Adapter Error - SSLException while handshaking -

    I'm receiving the following error in a SOAP receiver adapter over https:
    ssl_debug(9): Sending v3 client_hello message, requesting version 3.1...
    ssl_debug(9): Received alert message: Alert Fatal: unexpected message
    ssl_debug(9): SSLException while handshaking: Peer sent alert: Alert Fatal: unexpected message
    ssl_debug(9): Shutting down SSL layer...
    Both the ABAP and JAVA stacks are configured properly for SSL as per the help.sap.com instructions. 
    Here is more detailed information (sorry for the formatting):
    #1.5#00144F37BB49006B0000010000001F4D00043969FB64B9E3#1189027258874#com.sap.aii.messaging.net.HTTPClientConnection#sap.com/com.sap.aii.af.soapadapter#com.sap.aii.messaging.net.HTTPClientConnection.getInputStream(Socket)#J2EE_GUEST#0##sl07e02_DX2_1679550#PIAPPLUSER#d86bf0a05bf511dcba2f00144f37bb49#XI SOAP[BS_XXX_SOAP_getUpdateHTTPSTesting/BS_MDX/MDX]_58508##0#0#Error#1#/Applications/ExchangeInfrastructure/AdapterFramework/SAPLibraries/SAPXDK#Plain###failed to get the input stream from socket: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: unexpected message#
    Any help is greatly appreciated.  I've searched everywhere for any help on "unexpected message" but have found none.  There is no info here.  I hope you can help.  Thanks.

    I think you can use Altova XML spy, see following link:
    http://www.altova.com/support_faq_installation.html#q4_install
    Is XMLSpy® 2007 also available for Linux, Unix, Macintosh, OS/2, etc.?
    Since XMLSpy® 2007 is a high-performance development environment, it is written entirely in C++ and is tightly integrated with the Windows operating system. It is also possible to use XMLSpy® 2007 on other operating systems with Windows Emulation Software. More Information can be found on our Platforms page. Please note that we cannot give any technical support or make any warranties regarding the usability of XMLSpy® 2007 in such a scenario.
    Is it possible to install XMLSpy® 2007 on a Citrix / Windows Terminal Server?
    If you wish to install XMLSpy® 2007 on a server such as Citrix or Windows Terminal Server then there are two things to bear in mind:
    A) You MUST purchase concurrent licenses of XMLSpy® 2007 for use in a terminal server environment as opposed to the installed (per seat) licensing model.
    B) No technical support can be provided by Altova for technical issues that may arise as a result of using XMLSpy® 2007 in a Terminal Server environment.

  • Ssl soap disabled - data sync setup

    Setting up data sync. On the gw server (sles11sp2-oes for nss only) I use C1 and set Internal SOAP with ssl enabled.
    I attempt to connect to the SOAP securely during the Data Sync install (Grpwise connector settings part of install) - it fails. I un-select the secure SOAP, connection works.
    I examine the poa log and I see that SOAP over SSL Disabled. Can't figure out why. Any clues?

    Originally Posted by laurabuckley
    I'm sorry that you are having these problems!
    me too......
    A couple of things to check.... your key file and certificate, are they in 8.3 naming standard? I find that spaces, etc, can cause problems.
    I created self signed key and crt, although when I cat them in the terminal they look the same. I suspect they are the problem and this is why. I was able to double check the syntax in the datasync install. Once that was all correct, then I was able to connect via SOAP non-secure. So the connection and the trusted app are working. When I attempt to do the install of the GW connector using secure SOAP, it fails. So I did some testing. I enable http to both POA and MTA using ssl, both failed. I get an error that has the following:
    SSL received a record that exceeded the maximum permissible length.
    (Error code: ssl_error_rx_record_too_long)
    So I change POA and MTA http back to disable SSL and I can connect to them. The only thing I can come up with is that the key and certs are wrong. or not configured correctly.
    So, now I have copied my 3rd party cert and keys (which work and are functional for my gw 2012 webacc) to /etc/ssl/servercerts/ and I can get the https to launch for https to the POA, but the cert is not trusted. The reason stated is that these certs are only for the *.domainname.xxx. I think I am getting this error because the domain name on this server is a different domain name (this is a new system that I will point to my GW8 data once it is all functioning correctly). So, I guess I need to change the domain name on the server and in GW on the server. Where do I do that at...........
    but I am making progress.....
    You didn't mention what OS your GroupWise system is running on, but if it is Linux then the key and cert file name must be in lowercase.
    This is a oes 11 sp 1
    Lastly - when you setup SSL it is not sufficient to do a restart on the post office agent, you actually have to do a stop/start on it.
    Cheers,
    Right, I figured that one out on my own.... : )
    Thank you for the help and for my rambling, but I am going this alone and often times as I am typing out my response, I get ideas, as was the case this time, and so I posted them. I hope I have supplied enough details.

  • SOAP https transport ?

    Hi all,
    We want to access to web services in WLS6.1 using SOAP https (dynamic SSL)
    transport (not http). Is it possible? If possible, please describe this
    process.
    Thanks,
    Alex Jurcenko

    Not sure if your still looking for a solution to your problem but if you set the protocol attribute in your wsgen ant task to "https" instead of the
    default "http", your generated wsdl file will use the correct protocol.
    Ronny.
    Alex Jurcenko wrote:
    Hi,
    That means that we can use https protocol from client side to get WSDL description
    only?
    But when we will see the WSDL file we find that SOAP protocol is http.
    Client side:
    WebServiceProxy proxy = (WebServiceProxy)context.lookup("https://localhost:7002/pricer/statelessSession.PricerHome/statelessSession.PricerHome.wsdl"
    WSDL file:
    - <service name="Pricer">
    <documentation>todo</documentation>
    - <port name="PricerPort" binding="tns:PricerBinding">
    <soap:address location="http://localhost:7002/pricer/priceruri" />
    </port>
    </service>
    How to make SSL SOAP call using WSDL, that means that WSDL protocol is SSL(https)
    and SOAP call is SSL(https) too ?
    Please help.
    Thanks,
    alex
    "Jeff Crilly" <[email protected]> wrote:
    yes it is, as long as you dont want WLS6 to be the client with client
    authentication.
    We have this working. Just use https in the url when connecting from
    the
    remote client.
    (I currently have SOAP over SSL between WLS5.1sp6 and WLS6sp2. However
    I need client authentication to also work.)
    "Alex Jurcenko" <[email protected]> wrote in message
    news:[email protected]..
    Hi all,
    We want to access to web services in WLS6.1 using SOAP https (dynamicSSL)
    transport (not http). Is it possible? If possible, please describethis
    process.
    Thanks,
    Alex Jurcenko

  • SSL: Connection reset by peer ; Failed to enable crypto error while calling the report using bing API with SOAP client

    Hi,
    I am trying to fetch report using bing API and making a SOAP call for fetching the data. I get the following error:
    [Warning] fopen(): SSL: Connection reset by peer [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
    02-04-2015 10:17:41 (BST) : [Warning] fopen(): Failed to enable crypto [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
    02-04-2015 10:17:41 (BST) : [Warning] fopen(https://download.api.bingads.microsoft.com/ReportDownload/Download.aspx?q=rzr63XFt5qJduddohoIRyOYAP%2f1%2ftsnhk8L%2bzBmUpdU2CQlcUB98RpY%2bbOaLFFGMqAC4IUUadC%2fNdNnJqeVCY%2f%2bpy6noVsVA%2fMJp47a3Xb1VjABfKhcdKy6vqpgEdcQg%2fQZ7QcEpZ3bEloJjUtGpDquFk53BnkeHEPVWZkDYcsQegRz%2fpG4t4w6gKCCRmhArd6osr6ZU9CMJ3lbxtGXjcQEMPvP2apNyr9P%2fc8niyfWA2aBcm1aEmOLX2KL3aRJ4rz9N7gG7uBslVZH%2b4rUjHdB7CMkbb%2fHyHwvPTqGPbPCHnicefr%2b%2fDP70hlkBEGfyOOswK67%2bl1zh7CyIv%2bcMlaDsuDX1HeFf4uORfD41H1z7):
    failed to open stream: operation failed [file] /var/www/sites/psmedia/perfectstormmedia/tools/class/msn_api.class.php [line] 780
    Whenever I execute my script. Can you please let me know what we can do to solve this issue. The version of PHP we are using is 5.3.3 with open ssl. 

    Hi Shobha,
    I can't confirm what version of PHP you are using, but to err on the side of caution please use the version specified in the sample/SDK:
    PHP 5.4.14 has been installed from PHP.
    Here is our code examples:
    https://msdn.microsoft.com/en-US/library/bing-ads-overview-getting-started-php-with-web-services.aspx
    Thanks,
    Itai

  • SSL in Soap receiver communication channel

    Hi,
    I have a webservices that works fine in Soap UI. The webservice provider uses the SSL, but works like a web browser, doesn´t need to install a certificate before access the webservice.
    But when i try to use SAP PI using the soap receiver communication channel, the soap adater return the follow message:
    "Peer certificate rejected by ChainVerifier"
    I read some thing about using axis to solve this problem but I can´t find anything to configure this scenario.
    If someone had this problem and solved it, i will apreciate the help.
    Thanks
    Fabricio

    I Have 2 communication channel:
    1) This works fine
    Adapter Type: SOAP
    Receiver
    Transport Protocol: HTTP
    Message Protocol: SOAP 1.1
    Adapter Engine: Integration Server
    Target URL: https://gw-homologa.serasa.com.br/wsacheixml/wsacheixml.asmx
    SOAP Action: https://sitenet05.serasa.com.br/WSAcheiXML/WSAcheiXML/ConsultaAchei
    2) This doesn´t work
    Adapter Type: SOAP
    Receiver
    Transport Protocol: HTTP
    Message Protocol: SOAP 1.1
    Adapter Engine: Integration Server
    Authentication: Basic
    User/Password
    Target URL: https://treina.spc.org.br/spc/remoting/ws/consulta/consultaWebService
    SOAP Action: blank
    Both are https and the certificate is sent at communication time (There isn´t a certificate to install in the Key Store in Visual Administrator)
    I read that Axis manage this kind of integration with webservices, because the certificate must be installed at the moment of sending http request.
    I don´t know why the first interface works fine an the another doesn´t work, then I´m trying with Axis.
    In the SOAP UI both interfaces work fine.
    Thanks

  • Howto use SSL-2 (https) and .pfx certificate in SOAP cc - padding error!

    I'm working on a rfc to soap scenario in PI 7.1, and I must connect PI to some external web services through https.
    We must use a two-sided SSL connection (SSL-2), we received a .pfx certificate to achieve this.
    SAP Basis installed the certificate in the (java)nwa. In the SOAP communication channel i can choose the installed ceritifcate when i set the 'Configure Certificate Authentication'. Tried this, got the "error: iaik.security.ssl.SSLException: Padding length error: 106"
    Other option tried is to set the 'Select security profile'and choose Web Services Security. Then in the receiver agreement i can set the certificate for the encryption and/or decryption. Various scenario's tried, not succesful. We've seen that the pfx certificate contains two certificates (private and public one). But in the receiver agreement there is no choice between those two, we can only select the .pfx
    We also added a user with transaction EXTID_DN. Still got the same error.
    Does somebody have a suggestion what to do?  Must we split the .pfx certificate in two separate files/certificates?  Do we use the incorrect DN/CN in the EXTID_DN?

    Hi,
    What is your requirement ? The "2-sides" concept of SSL, what is it exactly ? Or does it simply mean that you're going to connect to a SSL target providing a SSL client certificate ?
    Usually, you import the SSL target's CA chain (ie Verisign CAs, etc) into the NWA key store, provide the CA chain for your own SSL client cerificate to the target and configure channels accordingly
    Rgds
    Chris

  • Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

    Hi there,
    we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
    1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
    - check whether the SAP Java Crypto Lib is installed in the Web AS;
    - generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
    Is that right?
    I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
    2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
    But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
    Thanks in advance!

    Hello Henrique,
    1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
    2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
    Rgds.,
    Andreas

  • Error using SSL on Receiver Soap Adapter

    Hi there,
    I'm having some problems on connecting to a third-party application running a webservice (meaning, through Receiver Soap Adapter). The third-party appl. demands us to use a SSL connection (its url starts with https), with user authentication through certificate.
    We've installed SAP Java Cryptographic toolkit and have a proper certificate configured on the KeyStorage entry, on Visual Administrator.
    On Soap Adapter, I've configured HTTP Transport Protocol and have selected the "configure certificate authentication" option and selected the certificate, filled the mandatory fields (target URL and soap action) but I keep getting this error message on SXMB_MONI: "com.sap.aii.af.ra.ms.api.DeliveryException: unable to create a socket".
    Is there anything else than installing SAP Java Cryptographic Toolkit to enable SSL on Soap Adapter? Is there another configurations that need to be done?
    Thanks in advance,
    Henrique.

    Hi
    can u please tell me, how u r able to resolve the problem
    i am also stuck in the same error
    basically i am working on SSO b/w three systems.
    EP>XI>R/3
    i am able to do the SSO between the EP-->XI
    but  when i try with EP-->XI->R/3 it is giving me error at the receiver side means receiver soap adapter is not accepting the SAP Logon Ticket.
    can u please tell me what entries should be given in the certificate authentication fields.
    please provide the solution.
    Thanks & Regards
    Rinku Gangwani

  • Using SSL in SOAP Receiver Adapter

    Hello,
    We need to execute a web service that requires using SSL connection. We have done following:
    1. Deployed SAP Java Cryptographic Toolkit
    2. Uploadted the Server certificates chain(Root, Intermediate, and the Server certficate itself)  in TrustedCAs view
    But I can't see the certificate from the Communication Channel screen.
    Could anybody who has done this before please let us know if we are missing anything. I appreciate if anybody can tell us the trouble points/pit falls in this process.
    Any help is greately appreciated.
    Regards
    Venu

    Hi,
    You need to setup SSL layer for HTTPS endpoint.
    Possible HTTP security levels are (in ascending order):
    HTTP without SSL
    HTTP with SSL (= HTTPS), but without client authentication
    HTTP with SSL (= HTTPS) and with client authentication
    HTTPS comes in two flavors, both ensuring the confidentiality of data sent over the network
    Please go through below link for referance (above information is from below link)
    SAP Network Blog: How to use Client Authentication with SOAP Adapter
    /people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter
    SSL useage
    Step by step guide for SSL security
    step by step guide to implement SSL
    http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm
    General guide
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
    Message level security
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
    Regarding message level you can encrypt the message using certificates.
    For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.
    Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.
    Check the following links.. you will get the information all about the securities...
    http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
    Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
    Also find soeminformation in these links
    http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
    /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
    Thanks
    Swarup
    Edited by: Swarup Sawant on Apr 9, 2008 7:42 PM

  • SSL / X.509 In SOAP Sender/Receiver Adapter

    Hi Friends,
    We have few third party Java based systems which need to integrate with SAP PI7.1
    For this we are using
    SOAP Sender from Third PartyTo PI
    SOAP Receiver From Pi To Third Party Systems                                 
    The Customer Wants to implement SSL.X>509 certificates for encryption and decryption. as one of the option.
    we are  Facing few issues like.
       I am assuming each of the source system webservice calls will have
    to use a username/password to authenticate with the PI system
    a.       Will this use 'basic authentication', ie., credentials sent over as
    part of the HTTP header field ?
       i.
    Assuming we use SSL for transport level security - this is still not secure as the credentials are not encrypted
    ii.      Is  there a way to send in encrypted credentials and for the PI layer to decrypt the same, validate and process the request ?
    b.      Should we consider using a single sign-on mechanism ?
    c         Should we consider using X.509 digital certificates ?
          i.      This would require that the X.509 certs are maintained in the Source & PI webserver Java key stores
    d.      Should we also consider digitally signing the payload ?
         i.      This  requires using an appropriate hashing algorithm such as SHA-1 or MD5
    SOAP Sender /receievr Adapter has few properties not specific to them.How to Acheive this.
    Regards
    Chandra Dasari

    Hi Chandra,
    You may try to implement this using the AXIS framework of the SOAP adapter. This provides functionality for handling of X.509 encryption and decryption.
    You can generate/get the digital certificate and use it for both transport level as well as message level security. You would not require any additional encoding apart from this.
    Coming to your queries:
    Q - I am assuming each of the source system web service calls will have to use a username/password to authenticate with the PI system
    A - If you are using a certificate, then they can call XI using this certificate. You can share your public certificate with each of the parties.
    Q. Will this use 'basic authentication', ie., credentials sent over as part of the HTTP header field?
    A - Depends...if you are using basic authentication, then it will not be via X.509. It will be the normal process. These two are two different things.
    Q. Assuming we use SSL for transport level security - this is still not secure as the credentials are not encrypted
    A - This problem is resolved if you are using digital certificates.
    Q. Is there a way to send in encrypted credentials and for the PI layer to decrypt the same, validate and process the request?
    A - Yes. It is possible. But then you will have to implement encryption decryption logic at both the ends separately if you are not using certificates.
    Q. Should we consider using a single sign-on mechanism?
    A - Is your third party part of your landscape? if not then you might want to check and confirm this approach with your security adviser.
    Q Should we consider using X.509 digital certificates?
    A - Yes...This would resolve most of your problems.
    Q. This would require that the X.509 certs are maintained in the Source & PI web server Java key stores
    A - Yes.
    Q. Should we also consider digitally signing the payload?
    A - If you require message level encryption along with transport layer.
    Q. This requires using an appropriate hashing algorithm such as SHA-1 or MD5. SOAP Sender /receiver Adapter has few properties not specific to them.How to achieve this.
    A - You can provide this option while generating the certificate itself.
    Please let me know if this helps.
    Cheers,
    Sarath.

  • HTTPS authentication using SSL in SOAP Sender adapter

    Hi,
    We are currently doing a SOAP to RFC synchronous scenario in PI 7.0. Our client wants to ensure that the data security is maintained at the transport level. So, we have planned to implement the HTTPS without client authentication using SSL certificates. Our Basis team has promised us that they will take care of the cerficate generation and installation part in the server. Now i am confused at the PI communication channel setup level.
    1) Do i have to specify the certificate installed path in the channel or in any other object ? If so, where do i have to configure the path ?
    2) What is the exact path that has to be carried by a PI developer once the certificates are installed in the server ?
    I have attached my communnication channel screenshot below,
    http://i41.tinypic.com/mk49h.jpg
    Please let me know what i have to configure in the Sender SOAP channel to receive data securely once the certificates are installed in the system.
    Thanks & Regards,
    Sherin Jose P

    Hi,
    1.for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
    The HTTPS connection should use the certificates imported in t-code STRUST.
    have you seen below thread,
    SSL / X.509 In SOAP Sender/Receiver Adapter
    Please go through below blog,
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b2e7020d-0d01-0010-269c-a98d3fb5d16c?overridelayout=true
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?QuickLink=index&overridelayout=true
    http://help.sap.com/saphelp_nwpi71/helpdata/de/14/ef2940cbf2195de10000000a1550b0/content.htm
    2. you nedd to check the message flow between the sender and receiver through PI .
    regards,
    ganesh.

  • HTTPS with Client Authentication in SOAP sender Adapter --SSL

    We have an interface SOAP to file..which was working fine...now we  recently switched to F5 load balancer and hence we were asked to chnage the settings in Communication channel.
    After changing the communication channel to u201CHTTPS with Client authenticationu201D..client trggerd the some data but nothing seems to be coming in PI..
    No trace in communication channel either.where else can we check for the incoming data ?
    Is there any other setting required? why the data s not coming to PI?
    Regards

    Hi,
    here is the flow: Bank>F5-->PI.
    when the Bank client send the message
    they are  getting the message below. Could you please tell me what could be the reason?
    <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    <!-- Call Adapter
    -->
    <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="1">
    <SAP:Category>XIAdapterFramework</SAP:Category>
    <SAP:Code area="MESSAGE">GENERAL</SAP:Code>
    <SAP:P1 />
    <SAP:P2 />
    <SAP:P3 />
    <SAP:P4 />
    <SAP:AdditionalText>com.sap.aii.af.ra.ms.api.DeliveryException: Invalid SSL message, peer seems to be talking plain!</SAP:AdditionalText>
    <SAP:ApplicationFaultMessage namespace="" />
    <SAP:Stack />
    <SAP:Retry>M</SAP:Retry>
    </SAP:Error>
    regards

  • SOAP RECEIVER SSL Problems

    Dear Community,
       I have configured a SOAP Receiver to an external web service (https://server:7002/service). I have use IE to get the certificate of the server and have imported it into the keystore of the j2ee (using VA). I have imported it to the all current views available. We have SAP PI 7.0 SP18. The problem is that the SSL handshaking is not performed correctly. I have placed a tcp gateway monitor tool to see the messages pass through. As soon as the first message is send to the above URL and a response is received, I get a XIAdapter/HTTP/ADAPTER.HTTP_EXCEPTION - HTTP 500 Internal Server Error. Also, in the default trace log I get a no private key found.... Do I need extra steps to configure SSL in the SOAP Receiver? The service does not required a Client authentication certificate and has a certificate with  o CA root certificate (since this is only a test system and has issued its own certificate). Any ideas? Any help will be appreciated.
    Regards,
    S.Socratous

    Hello,
    Generally it's a connectivity behaviour. Check if you have setup the connection to
    the receiver and also check the explanation regarding 500 Internal Server Errors:
    *Description: The server encountered an unexpected condition which prevented it from fulfilling the request.
    Possible Tips: Have a look into SAP Notes u2013 804124, 807000*
    It may be also a problem with the SSL certificate. So, check if it's not expired;
    The correct server certificate may be not present in the TrustedCA keystore view of NWA .
    Please ensure you have done all the steps described in these url (this is for 7.11):
    Security Configuration at Message Level
    http://help.sap.com/saphelp_nwpi711/helpdata/en/48/d1c7e690d75430e100000
    00a42189b/frameset.htm
    You may have not imported the certificate chain in the correct order (Own -> Intermediate -> Root);
    Last, if the end point of the SOAP Call(Server) is configured to accept
    a client certificate(mandatory), then make sure that it is configured
    correctly in the SOAP channel and it is also within validity period.
    (This certificate is the one which is sent to Server for Client
    authentication)
    Hope that helps.
    With regards,
    Caio Cagnani

  • Plain HTTP Adapter vs SOAP Adapter with regards to SSL

    Hi,
    I need to setup communication channles within XI to send and receive secure xml. I am confused after reading the XI documentation and the some of the discussion forums on SDN.
    Can anyone clarify the following:
    1) Does the plain HTTP Adapter support SSL? According to the XI documentation is does NOT? Have I miss read it?
    2) This being the case, the only way to send and receive secure XML is to use the XI/SOAP Adapter?
    Thanx for your help.
    Cheers
    Yackeen

    Hi Yackeen,
    no, that's not true. The plain HTTP Adapter supports SSL. No problem.
    Regards,
    Udo

Maybe you are looking for

  • Since upgrading iTunes wont open Error 13014

    since upgrading my iTunes I can't get it to do anything. I have completely removed all apple products and cleaned out the registry, then reinstalled everything and still getting the "unknown error occurred 13014. Is there anyway I can fix this or at

  • Why aren't my contacts in alpha order when printing list?

    For some reason, even thought they are in the proper order in the address book, when i print a list they are in a random order. They are not in order by last or first. curious...anyone know the fix?

  • Complex mapping & database

    Hello I need to make a make a map that responds to database values e.g. IN B20 I'd have something like =IF(B2=2),(C2),("") then id need the same value in B21 so that is the value was 2 then it would give me C2's value. But!! if the value of B2 was le

  • How to delete DME payment run

    Hi Experts, I have run the preliminary run (PC00_M40_CDTA). But now due to some reason i want to delete the payroll of the employee. But the system is giving me the message that the payroll result cannot be deleted. Is there any way by which i can de

  • Do you know this widget?

    I used to have the following dashboard widget. It is just a simple widget to keep track of what you have spent. I cannot find it anywhere now for some reason. Does anyone know what the name is? Thanks, ~ Ben