Configure web service as SSL

Similar Messages

• BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6

  We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
  <Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
  wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
  at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
  tboundMessageContext.java:310)
  at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
  Truncated. see log file for complete stacktrace
  This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
  After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
  Thanks.
  Matt
  Edited by: user6946981 on Sep 17, 2009 7:58 AM

  Are you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
  I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
  Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
  Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way.

• Web Service Proxy client to invoke a Web service on SSL (Jdev 10.1.3.1)

  Hi,
  I have to develope a Web Service proxy client to invoke a web service on SSL. First I'm testing with OC4J 10.1.3.1 and JDEV 10.1.3.1 and did this:
  1) Developed a basic PL/SQL Web Service with JDEV and publish on my standalone OC4J.
  2) Made a test with a browser, it worked OK
  3) Generated a proxy client from JDev 10.1.3.1 to invoke web service, it worked OK
  --- Now make it work on SSL----
  4) Then, added SSL configuration to oc4j , generated a certificate with keytool (updated server.xml, secure-web-site.xml), and shutting down and starting the OC4j instance.
  5) Import the certificate to JAVA_HOME/jre/lib/security/cacerts
  6) Test web service from browser on https and worked OK.
  7) When tried to modified proxy client (generated in step 3) to make it work on SSL, I realized that just changing the END_POINT to the new url (https) it worked!
  Questions----
  1.- By default the proxy client generated from JDEV 10.1.3.1 knows how to deal with SSL conections?
  2.- If I dont have previously the server certificate to import it into JAVA keystore (cacerts) how could I ,from proxy client code, capture it and import it before the validation occurs... because if the certificate is not in keystore , the program fails.
  Thanks in advance
  J.

  Hi,
  Could you please provide me with the steps necessary to create a web service proxy client through JDeveloper or any other mechanism when 2 way SSL (requiring client authentication) is enabled.
  Thanks a lot in advance
  Nilesh

• Calling web service via SSL

  Hi,
  I do not succeed in calling a web service via SSL from within a Web Dynpro application.
  Current settings of my logical port:
  Target Address: https://...
  Authentication: HTTP authentication, basic (username/password)
  I do call methods _setUser and _setPassword to set userid and password before calling method execute() of my modelclass.
  On calling method execute(), I get message "Connection closed by remote host".
  Any suggestions ?
  Many thanks.
  Jorgen

  Can you check the following?
  1) Did you install the SAP Cryptographic toolkit for Java available from service.sap.com?
  2) Did you install the "Java Cryptography Extension (JCE)
  Unlimited Strength Jurisdiction Policy Files 1.4.2". For Sun they are available here: http://java.sun.com/j2se/1.4.2/download.html (last item on page)
  3) How is the SSL server configured? Does it require client authentication? In this case you must send a client certificate.

• Consume Web Service with SSL

  Hi expert!!!
  I have a problem!!
  I need consume a web service with ssl autentification in PI to call from SAP.
  That web services is of AFIP (Argentina ).
  i don`t know how do that!!
  How and where configure the certificate for signature??
  Thxz in advance!!!
  Sorry my bad english..

  thxz for all!!!!1
  I will be to resume my problem
  i need sign xml file with a certificate!!1
  i have xml file build in ABAP,  i try do with openssl in windows or unix to sign with private key file and certificate file .Crt
  that generate a new file with sign, i put this in other web service and work....
  i need do that in abap or pi..... i abap i could create xml file, but i can`t execute open ssl.....
  thxz for u help!!!

• Calling a web service through SSL via a stand alone java class

  HI,
  I am trying to call a web service through SSL via a simple stand alone java client.
  I have imported the SSL certificate in my keystore by using the keytool -import command.
  Basically I want to add a user to a group on the server. Say I add a user user 1 to group group 1 using an admin userid and password. All these values are set in an xml file which I send to the server while calling the server. I pass the web service URL, the soap action name and the xml to post as the command line arguments to the java client.
  My xml file(Add.xml) that is posted looks like :
  <?xml version="1.0" encoding="UTF-8"?>
  <SOAP-ENV:Envelope
  xmlns:xsi = "http://www.w3.org/1999/XMLSchema-instance"
  xmlns:SOAP-ENC = "http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:SOAP-ENV = "http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd = "http://www.w3.org/1999/XMLSchema"
  SOAP-ENV:encodingStyle = "http://schemas.xmlsoap.org/soap/encoding/">
  <SOAP-ENV:Body>
  <namesp1:modifyGroupOperation xmlns:namesp1 = "/services/modifyGroup/modifyGroupOp">
  <auth>
  <user>adminUser</user>
  <password>adminPassword</password>
  </auth>
  <operationType>ADD</operationType>
  <groupName>group1</groupName>
  <users>
  <userName>user1</userName>
  </users>
  </namesp1:modifyGroupOperation>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  I call the client as:
  java PostXML https://com.webservice.com/services/modifyGroup "/services/modifyGroup/modifyGroupOp" Add.xml
  I my client, I have set the following:
  System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
  System.setProperty("javax.net.ssl.keyStorePassword", "password");
  System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
  System.setProperty("javax.net.ssl.trustStorePassword", "password");
  But when I try to execute the java client, I get the following error:
  setting up default SSLSocketFactory
  use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
  class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
  keyStore is : C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
  keyStore type is : jks
  keyStore provider is :
  init keystore
  init keymanager of type SunX509
  trustStore is: C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
  trustStore type is : jks
  trustStore provider is :
  init truststore
  adding as trusted cert:
  init context
  trigger seeding of SecureRandom
  done seeding SecureRandom
  instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
  main, setSoTimeout(0) called
  main, setSoTimeout(0) called
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: .....
  Compression Methods: { 0 }
  [write] MD5 and SHA1 hashes: len = 73
  main, WRITE: TLSv1 Handshake, length = 73
  [write] MD5 and SHA1 hashes: len = 98
  main, WRITE: SSLv2 client hello message, length = 98
  [Raw write]: length = 100
  [Raw read]: length = 5
  [Raw read]: length = 58
  main, READ: TLSv1 Handshake, length = 58
  *** ServerHello, TLSv1
  %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
  ** SSL_RSA_WITH_RC4_128_MD5
  [read] MD5 and SHA1 hashes: len = 58
  [Raw read]: length = 5
  [Raw read]: length = 5530
  main, READ: TLSv1 Handshake, length = 5530
  *** Certificate chain
  chain [0] = ...
  chain [1] = ...
  chain [2] = ...
  chain [3] = ...
  main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
  main, WRITE: TLSv1 Alert, length = 2
  [Raw write]: length = 7
  0000: 15 03 01 00 02 02 2E .......
  main, called closeSocket()
  main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  main, called close()
  main, called closeInternal(true)
  main, called close()
  main, called closeInternal(true)
  main, called close()
  main, called closeInternal(true)
  Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
  ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
  at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
  at java.io.BufferedOutputStream.flush(Unknown Source)
  at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
  at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2110)
  at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1088)
  at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
  at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
  at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
  at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
  at PostXML.main(PostXML.java:111)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find v
  alid certification path to requested target
  at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
  at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
  at sun.security.validator.Validator.validate(Unknown Source)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
  at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
  ... 18 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
  at java.security.cert.CertPathBuilder.build(Unknown Source)
  ... 23 more
  I do not know where I have gone wrong. Could someone point out my mistake.
  Thanks In advance!

  Hi jazz123,
  There's an example in the [*Java Web Services Tutorial*|http://java.sun.com/webservices/docs/2.0/tutorial/doc/] : see Chapter 1: Building Web Services with JAX-WS - A Simple JAX-WS Client.

• Web service client behind a proxy server connecting to web service over SSL

  Hi Friends,
  A web service is exposed by an external system over SSL. We are behind a proxy server and are trying to get connected to web service over SSL. <p>
  We are getting the following error on the test browser of workshop<p><p>
  External Service Failure: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.<p><p>
  the whole trace is <p>
  <p>JDIProxy attached
  <Sep 24, 2005 9:27:25 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl:salesExpertServiceControl; Method=creditcheckcontr
  ol.SalesExpertServiceControl.doCreditVerification(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:javax.net.ssl.SSLHandshakeException
  String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
  Detail:
  END SERVICE FAULT>
  <Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl; Method=creditcheckcontrol.CreditCheck.testCreditC
  heck(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:javax.net.ssl.SSLHandshakeException
  String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
  Detail:
  END SERVICE FAULT [ServiceException]>
  <Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=top-level; Method=processes.CreditCheck_wf.$__clientRequest(); Fai
  lure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled process exception [ServiceException]>
  <Sep 24, 2005 9:27:26 AM EDT> <Error> <WLW> <000000> <Failure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled pr
  ocess exception [ServiceException]><p>
  I am not able to make out what could be possibly wrong. Please let me know if you guys have any ideas about how to resolve it.
  Thanks
  Sridhar

  did you resolve this problem. I am looking at the same issue. If you did I would really appreciate your response.
  Thanks.

• Web Service over SSL hangs if sent data size exceeds around 12Kb

  Hi,
  I have a Web Service running on a WebLogic Server 10.3. One of its purposes is to send and receive documents over a one-way SSL connection. The service runs fine if the documents are smaller than around 12Kb, however if its larger than that, the service simply hangs. From SSL debug information it looks like some data is sent but afterwards it simply stops. When testing the Web Service without SSL it works fine, which points to an SSL issue. Also, surprisingly, when it receives documents over the SSL, it also works fine. I assumed there is a parameter that limits the size of the POST message sent over SSL, however all the parameters that I found, that could do that, were already set to unlimited.

  We ended up resolving this issue. It turned out to be something really simple. The client that was sending the soap traffic did not have the proper SSL certificate installed on the server that was generating the soap traffic.

• Web Service over SSL failing in BEA Workshop

  I have deployed a web service on weblogic 9.2
  I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
  i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
  IWAB0135E An unexpected error has occurred.
  IOException
  sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  on server:
  <Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
  if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
  of course non-secure url for the web service is working fine in every case.
  what can be the reason for this failing only in 'web services explorer' in bea workshop?
  cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
  thanks.

  Hello,
  I used this example, when I made my experiments with SSL and Glassfish (GF):
  http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
  If you have problems with GF I suggest to post a message here:
  http://forums.java.net/jive/forum.jspa?forumID=56
  e.g. here is one thread:
  http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
  Miro.

• How to configure Web service using transaction SOAMANAGER?

  Hi SDN,
  I have followed this article to configure using transation SOAMANAGER.
  http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/20b723f8-a422-2c10-aca5-fe64eeda1ff2&overridelayout=true
  but I have some issues about looking for ECC_PURCHASEORDER003QR in default_host/sap/bc/srt/xip/sap of above article.
  I can not configure Web service and go to steps further.
  The system is ECC 6.0 release 7.
  How can be done?
  Thanks,
  Luu,

  Hi,
  > but I have some issues about looking for ECC_PURCHASEORDER003QR
  You mean you can't see this service in sicf or you have trouble locating this service in SICF. Can you specify what exactly your problem is?
  Please check if you are on correct Ehp (Enhancement pack) required for this service. This service available with Ehp4.
  To check enhancement pack goto System->status and check component information i.e. SAP_APPL release is 603 in my system which means I am on Ehp3.
  Regards,
  Gourav

• How to configuration web service in bw that I can open query in explore ?

  Hi
  Can anyone tell me how to configuration web service that when I click " luanch in web browser "in BEX Anaylzer , Display Query on  the web in BEx query Designer  open rsplan modeling on web ,what parameter will be configuration ,give me step to step to configuration
  thanks very much

  configure a messager service and some paramers
  thanks very much!

• How to use and configure web services in sap

  Hi,
  Experts,
  could you please tell me, how to configure web services in sap.
  As one of my client using handheld  software for inventory, where in whatever tansaction happens in the depot  it has to update in sap.through non sap software please help me out with necessary configuration.
  Thanks
  Edited by: Ahmed quadry on Jun 9, 2009 2:25 PM

  Hi Ahmed,
  Kindly find the below link will helps you to create web  service in SAP
  http://wiki.open-esb.java.net/Wiki.jsp?page=BAPIWEBSERVICE
  Also find the below documents will helps you to create web services in SAP
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/06adbf03-0a01-0010-f386-d8e45561a3c4
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/3004a2d2-0653-2a10-779c-f5562b3fac39
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/bb0764f2-0b01-0010-bd85-c7849b40561e
  Regards
  Venkata Rao .G

• Configuring Web Services for Oracle XML DB

  Hi all...
  I think I need some help one this subject....
  We have a 10G Release 2 Oracle single instance ( not RAC) install on a Linux Redhat v5.3 64 bit server. Are developers are user Visual Studio .Net and wnat to send xml files to a web service so that the xml file (containing data) can call a PL/SQL package (to be written) which will take the data out of the xml input file and insert rows into a prefined table within the instance. Now they have browsed the web and have come upon the following links...
  http://docs.oracle.com/cd/B28359_01/appdev.111/b28369/xdb_web_services.htm
  http://docs.oracle.com/cd/B28359_01/appdev.111/b28369/xdb22pro.htm#i1026724
  Currently, within the database I looked at the schema XDB and have unlocked the account and connected as the user XDB. There are some 680 objects in the following groups...
  SQL> select object_type, count(*) from dba_objects where owner='XDB' group by object_type;
  OBJECT_TYPE COUNT(*)
  SEQUENCE 2
  PROCEDURE 5
  OPERATOR 8
  LOB 334
  LIBRARY 12
  PACKAGE 20
  PACKAGE BODY 17
  XML SCHEMA 25
  TYPE BODY 5
  TRIGGER 12
  TABLE 36
  INDEX 51
  FUNCTION 5
  INDEXTYPE 2
  VIEW 2
  TYPE 144
  16 rows selected.
  Now in the links above it mentions that the xdbconfig.xml needs to be altered etc. However, I have searched the entire $ORACLE_HOME and there is no file definition of that description.
  From a DBA prospective...what do I have to install on the Linux server? I assume from the Oracle Database 10g Companion Products I need to lay down Oracle HTTP Server in a new Oracle home as the first step...or not? Does the HTML DB need to be installed as well?
  And for Configuring Web Services for Oracle XML DB...what else has to be installed? And from what product line?
  Thanks in Advance....
  Cheers
  Roegr

  Hi Marco...
  First of all ...thanks for the reply.
  I followed the link and the infor in that web page. However, there were a few things that did not work....
  1. The http://localhost:8080/ as is brought up a web page withe the heading as
  ==========
  ORACLE DATABASE 10g EXPRESS EDITION LICENSE AGREEMENT..
  ==========
  The other browser test ftp://localhost:2100/
  did not find any page?
  2. Then I went onto running (as the sysdba) the pl/sql to enable the ORAWSV Entry Service
  however it error out. So I did a describe on DBMS_XDB and the function deleteServlet does not appear
  then I had a look and this link to > http://www.liberidu.com/blog/?p=471
  was for 11G and the other link > http://docs.oracle.com/cd/B28359_01/appdev.111/b28369.pdf
  was for 11G.
  However, we are on 10G
  =================
  SQL> select * from V$version;
  BANNER
  Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bi
  PL/SQL Release 10.2.0.3.0 - Production
  CORE 10.2.0.3.0 Production
  TNS for Linux: Version 10.2.0.3.0 - Production
  NLSRTL Version 10.2.0.3.0 - Production
  ==================
  So is there must be other sql for 10G?
  Cheers
  Rog

• Configure Web Services Security in PI 7.1

  Hi,
  I'm getting an error message when using the XI adapter to send encrypted data. I am using SAP PI 7.1 EHP1 SP3.
  *Communication error Proxy calls are not permitted on sender or receiver side on the IS (client)
  Error during message security handling in outbound channel: Security profile &#39;Sign and Encrypt Message&#39; *
  According to my research I need to get my basis team to configure Web Services Security. I've found the Netweaver 04 configuration guide but I don't think this is relevant. The following help has information on web services security but little or no information. 
  http://help.sap.com/saphelp_nwpi711/helpdata/en/44/bc872fc60b7006e10000000a155369/frameset.htm
  Is anyone able to point me towards the right document?

  >
  Park Saeiam wrote:
  > Hi
  >
  > May be that partner you define Integration System not Application system in Business system. try define to application system.
  >
  > Thanks
  > Park
  or try use Business services instead.

• Importing external web service with SSL certificate security

  Hello,
  I'm trying to import an external web service (that resides in another server, independent of ours). However, right after I enter the WSDL in the import window I get the following error in the NWDS:
  sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target      [Error: com.sap.ide.es.core.ui.internal.wizards.fragments  Thread[ModalContext,6,main]]
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
            at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
            at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
            at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
            at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
            at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
            at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.getURLAsStream(UrlValidationRunnable.java:137)
            at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.validate(UrlValidationRunnable.java:75)
            at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.run(UrlValidationRunnable.java:55)
            at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
            at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
            at sun.security.validator.Validator.validate(Validator.java:218)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
            ... 15 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
            at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
            at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
            ... 21 more
  Has anyone ever consumed an external web service with SSL certificate security? How do you import this in your Web Dynpro project?
  Cheers!

  Hi Alain,
  I just checked on a newer NW environment (NW 7.2) and was presented an empty list as well... It seems the mapping procedure I described is deprecated since NW 7.11, and the modeled CAF application service is already exposed as a web service.
  You may want to have a look at http://help.sap.com/saphelp_nwce711/helpdata/en/43/f173947bbb025be10000000a1553f7/content.htm or http://scn.sap.com/message/7852996 for more info