Seeburger AS2 - import certificate type .p7b (PKCS#7)

Dear Seeburger AS2 experts,
Has anyone ever imported (loaded) a certificate file type *.p7b (PKCS#7)?   I've got a .p7b certificate file from my trading partner but I cannot import it, as XI does not have the option to load this type.  I tried loading a .cer file, but that did not work (as2 authentication error) for some reasons.  My trading partner does not have a .p8 or .p12 certificate.  Is there any way to load a .p7b into XI?
Thanks.
Sakkarn

Is this resolved...
Regards
Ravi R

Similar Messages

  • Seeburger AS2 adapter certificate reference

    Hi experts,
    having looked and looked in threads here and in Seeburger documentation I cannot find an answer to two things:
    Firstly where exactly do you upload the partner certificate used to verify the signature of the message, in netweaver adminsitrator in Visual administrator?
    Also what reference do you give in the sender agreement to the certificate?
    We are using PI 7.11. At the moment the certificate is uploaded in the deafualt key storage in nwa, but when testing using these references in the sender agreement for the authentication certificate I get an error authentication failed:
    TRUSTED\DEFAULT\alias name
    \DEFAULT\Alias name
    DEFAULT\alias name
    alias name
    Edited by: Rasmus Ronde-Holm on Aug 5, 2010 3:26 PM

    Firstly where exactly do you upload the partner certificate
    For better management of all AS2 related certificates, create a View in the Keystore service with any name e.g. AS2. Then create a new Entry in the view which should be the uploaded certificate.
    Also what reference do you give in the sender agreement to the certificate?
    The name you see in your View should be same as the name provided in Sender Agreement. It should be
    TRUSTED/<ViewName>/Certificate name
    The Certificate name here should be given without any extension.
    Regards,
    Prateek

  • Configure .p7b(PKCS #7 Certificates) in SOA Suite 11g - Enterprise Manager

    Hi,
    currently configured .jks file in em - weblogic domain - security - security provider configuration which is used by owsm policy to validate my incoming signed soap message.
    (incoming message is signed with the same jks file). so it is working fine.
    Now I got .p7b(PKCS #7 Certificates) file from customer, so I need to replace this with my existing .jks file. How can I do this?
    Appreciate your quick inputs.
    Thanks

    customer site is invoking my soa suite application,public portion of the certificate which I got from them I configured at my end(.p7b converted in to jks). with the private key (which I do not have with me) the customer site is signing the soap request and hitting my soa suite.
    Getting following error in my soa suite side(soa_server1-diagnosis):
    X509 Certificate will not be advertised due to underlying exception "oracle.wsm.security.SecurityException: WSM-00057 : The certificate, abc.org, is not retrieved. The following aliases are found in the keystore:- [defnet.org, klmca.org, abc.org, ]".
    while converting in to jks I gave alias, I do not know what value should I give. I found
    subject: CN=abc.org... in .p7b file, used the same name as alias.
    converted .p7b file in to .cer as suggested by anuj, .p7b file contains 3 certificates,so imported 3 times in to same key store file like this
    keytool -import -alias abc.org -file xyz.public.cer -keystore xyz-keystore.jks
    keytool -import -alias klmca.org -file klmca.public.cer -keystore xyz-keystore.jks
    keytool -import -alias defnet.org -file defnet.public.cer -keystore xyz-keystore.jks
    Where I am doing wrong here?
    Can I configure directly .p7b(PKCS #7 Certificates) file in enterprise manager (soa suite 11g ps3.). I converted in to jks file and configured but it is not working.
    Please suggest. This is urgent. Appreciate your quick help.
    Edited by: 798585 on May 20, 2011 12:00 AM

  • Seeburger AS2 error: No Trusted Certificate found

    Dear SAP experts,
    Good day!
    Need your expert advice regarding the error that I am getting in Seeburger AS2.
    Here's the scenario:
    SAP XI is sending messages to Trading Partner via AS2 adapter which resides in Seeburger.
    I've trigerred already messages but they are getting this kind of error:
    Delivery of the message to the application using connection AS2_http://seeburger.com/xi failed, due to: com.sap.aii.af.ra.ms.api.RecoverableException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found # , SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found # : javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found # , SEEBURGER.
    Kindly advice if there are missing or invalid certificates on both sides?
    What would be the cause of the issue?
    Many Thanks!
    Godo

    Godo,
    I think you are using secure communication for your seeburger CC. Can you pls. check if you have installed(keystore) certifcate on J2EE engine and configured certificate provided by ftp client in your CC.
    Also one more important thing,
    Make sure that you have entry with ftp server name and correspoding ip address in hosts.inc on a system where your adapter engine resides.
    Check detail error messsage at:
    http://XI server : port / nwa --> Message Monitoring --> Logs and Trances and select DefaultTrace in second drop down list. You will find all events details with description. ( If you run your interface and check you will find recent activities on XI server. Hope this will give you much better picture)
    Hope this will help.
    Nilesh

  • Seeburger: keyStorage: import chain of certificates

    Hi guys,
    Have any of you imported on VisualAdmin Key storage a certificate which has a chain of certificates associated?
    Why does this question pops up? Well, I'm using Seeburger AS2 Adapter and I'm trying to receive a message from my external partner. The point is that the certificate has associated a chain of certificates. I tried to import every certificate, one by one, creating three entries on the keystorage, and then specifying on the sender agreement the alias referring to the lower certificate. Meaning certificateA depends from certificateB which depends from certificateC, which is the ROOT Certificate.
    certificateC
      -certificateB
        -certificateA
    So in the sender agreement I only have
    Sender Configuration
         Authentication Certificate : \AS2\certificateA
    My external partner is getting AUTHENTICATION ERROR. What I think is happenning is that XI is not being able to relate the three certificates.
    Do you have any ideas?

    Hi guys,
    Unfortunately the problem is yet to be solved...
    I've placed the certificates in the TrustedCA's but I'm still getting the following error:
    Error#1#/Applications/ExchangeInfrastructure/AdapterFramework/ThirdPartyRoot/SEEBURGER/AS2#Plain###authentication error
    [LOC: authentication error.authenticate] Caused by: com.seeburger.dt.security.smime.SMIMEHelperException: signature verification failed:
    com.seeburger.dt.security.smime.SMIMEHelperException: signature verification failed: CMS error:
    invalid signature format in message: + content hash found in signed attributes different
    Although the error is an authentication error, it is due to other factors.
    I've searched the web but couldn't find any related issues...
    For debugging I've tried sending a message from another test partner with his own certificate but letting the other partner's certificate configured. The error
    is an authentication error/connection refused. So in the first case XI reaches to the point of validating the certificate signature.
    Has any of you faced this error?

  • Seeburger AS2: How to set up Certificates in PI

    Hi ! ALL
    We are setting up Seeburger AS2 adapters to exchange file with vendors (B2B).
    can you please, share with us ..
    1.How to set up certificates, decryption key, signature key.
    2.Also, instead of the vendors coming directly to the PI box.....can you share if you have set up any DMZ/firewall environment and how it was set up to talk to PI, especially exchanging certificates.
    Your help is greatly appreciated!!
    Thank you,
    Patrick
    Edited by: Patrick Jones on Feb 4, 2009 10:23 PM

    Hi Patrick,
    For secured communication with business partners you need to implement message level security. You need to create certificates in visual administrator and exchange the public key with your business partner. Also you need to import your business partner public key in visual administrator.
    For encryption - Use business partner public key
    For signing - Use your private key.
    For DMZ check the following help link
    http://help.sap.com/saphelp_nw04/helpdata/en/d9/ef2940cbf2195de10000000a1550b0/content.htm
    Regards
    Prakash

  • Renewing public key certificate used for Seeburger AS2

    My general question is when a public key certificate, used for Seeburger AS2 payload decryption and digital signatures, needs to be renewed, how carefully do the certificate renewal steps need to be coordinated for a seamless transition?  More specifically...
    1. Once we import the CSR response from the CA, will the public key currently used by our partner become invalid, or will it continue to work until its expiration date? 
    2. Will our partner be able to validate our signature after the new CSR has been imported, but prior to them applying the new public key certificate in their system? 
    3. Or can we renew the certificate, import the CSR request, provide our partner with the renewed certificate, and let them apply the certificate at their own volition, provided they do it prior to the original certificate expiration?

    Hi Kurt
    In my experience, the renewal/replacement of AS2 certificates for encryption/decryption & signing/authentication requires coordinated effort on both sides.
    This is because AS2 uses asymmetrical encryption, so both parties need to use the same pair of certificates at the same time, i.e. you encrypt on your private key, and partner decrypt on the public key matching your private key. If the keys used do not belong to the same pair, then decryption will not work.
    I'm not sure what AS2 software your partner uses and if it has the feature of automatic rollover of certificate, but PI/Seeburger does not. The approach in PI/Seeburger can either be one of the following:-
    i) import new cert replacing original cert of the same name
    ii) import new cert into new name, manually update sender/receiver agreements
    Due to the manual nature of the tasks, normally it requires coordinated effort during a cutover window.
    Rgds
    Eng Swee

  • Seeburger AS2 Certificates updates

    Dear Experts,
    We're having a problem to add in new certificates from our partner. For your info we're using Seeburger AS2 connect and no one knows how to update the certificates including our vendors. Please let me know how to update the certificates. Thank you

    Hi,
    if you are on PI 7.1x go to Netweaver Administrator (http://server:port/nwa)
    Then go to Configuration Management -->  Security --> Certificates and Keys
    There you shold find several Key Stores ("Key Storage Views")
    Select the Keystore which holds the AS2 certificates.
    If you are not sure which one is the correct one, check your Sender/Receiver Agreements in the Integration Directory.
    The certificates that you specified as TRUSTED\<keystore>\certificate-name in your AS2 configuration are the ones you have to change.
    In the "Key Storage View Details" you can add, modify, delete,... the certificates.
    regards,
    Daniel

  • Unsupported keysize or algorithm parameters com.seeburger.as2.AS2Plugin...

    Hi guys!
    I need to enable encryption in Seeburger AS2 adapter, however, I get followng error.
    Error type: COMPONENT_ERROR,NOT_TRANSMITTED >> Error date: 9/26/07 11:41 AM >> Description: AS2 Adapter failure java.lang.Exception: AS2 message composition failed: java.lang.SecurityException: Unsupported keysize or algorithm parameters com.seeburger.as2.AS2Plugin.execute(AS2Plugin.java:321) [9/26/07 11:41 AM]
    Certificate is imported correctly to Java WEB AS.
    Any ideas, what's wrong?
    Thanx a lot! Peter

    Hi Peter
    Check if this link can help u
    ID21108:java.lang.security EXception, Unsupported Key Size
    Reward points if helpfull....

  • There is no key entry with such alias in keystore seeburger AS2

    Hi,
    Error message  in RWB shows the following
    Message entered module processor exit bean and will be transferred to JCA adapter
    2011-04-06 06:19:29 Success SEEBURGER/AS2: Received order from system.
    2011-04-06 06:19:29 Error Unable to forward message to JCA adapter. Reason: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: There is no key entry with such alias in keystore, SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiExc
    2011-04-06 06:19:29 Error Delivery of the message to the application using connection AS2_http://seeburger.com/xi failed, due to: com.sap.aii.af.ra.ms.api.RecoverableException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: There is no key entry with such alias in keystore, SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: java.security.PrivilegedActionException: com.
    2011-04-06 06:19:29 Error The message status set to NDLV.
    2011-04-06 06:19:29 Error MP: Exception caught with cause javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: There is no key entry with such alias in keystore, SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: java.security.PrivilegedActionException: com.seeburger.ks
    unable to send / receiver messages through AS2. Please let us know what could be the error. How/ where to resolve it.

    Please check the SDN thread below
    AS2 Adapter Configuration to Customer / no signature certificate
    Also, check the help page below
    http://help.sap.com/saphelp_sm40/helpdata/DE/84/be18d66b2a47f6b4adc704a7c0e23e/content.htm
    for instructions on how to get the "SEEBURGER EDIINT AS2 Adapter for SAP Exchange Infrastructure Configuration Guide" from the Service Marketplace. Then, on this guide, please check the configuration according to your sender or receiver communication channel regarding the Security (certificates) parameters.
    Are the key Store entries imported correctly? Please check if the certificates were imported in the right order and none of the certificates on the chain are expired.

  • Content based receiver determination with Seeburger AS2 adapter

    We are planning to use the Seeburger AS2 adapter on our XI 3.0 installation to post custom XML documents to XI from external business partners.  The problem we have is to do the receiver and interface determination based on the xml message type that is submitted.  How can we identify what is the name of the root xml node (which is representing the message type that was submitted to us) during the receiver determination and specify conditions for the receiver determination based on this?  We can not use the Seeburger Classifier module here as this is only determining the mapping name to be used for an EDI conversion but can not handle any type of XML message.

    Rudy,
    I think the easiest way would still be the ReceiverDetermination and creating an XSD that contains the main important TAGs from the different messages.
    That should allow you to test for the existing of certain important TAGs or check the value of some TAGS.
    I don´t know about aedaptive-adapters, but I don´t think that they are Drummond-Certified. Check out...
    http://www.drummondgroup.com/html-v2/as2-companies.html
    Without this certification, a lot of your partners might not allow you to use this adapter if you wanna make AS2 with them.
    Greetings
    Stefan

  • Seeburegr AS2 - encryption certificate reference

    Hi guys!
    I need to configure encryption certificate for AS2. The certificate is imported in the JAVA AS. View AS2, entry AS2C. Now, in the receiver agreement I have following items:
    - AS2 sender configuration / Signing Key
    - AS2 receiver Configuration:
    - - Encryption Certificate
    - - Authentication Certificate
    How to reference the encryption certificate from the Key Store?
    is it smthng like "\AS2\AS2C" ?
    Thanx a lot for answer!
    Peter

    HI peter
    have a look at this thread
    Seeburger AS2 sender comm channel config
    Re: Seeburger AS2 Adapter
    Re: AS2 premises for using XI
    Re: Seeburger AS2 sender comm channel config
    Thanks !

  • Seeburger AS2 - connectivity

    Hello,
    is it possible to have one single certificate for both AS2 and SSL, using HTTPS protocol.
    if yes should we upload the certificates twice (AS2 & SSL)?
    Also when we sent some messages via AS2, the seeburger AS2 server seems to be closing the connection abruptly. are there any logs generated on the seeburger side in order to check what actually happened?

    Hi,
    AS/2 details:
    http://www.seeburger.com
    http://www.seeburger.com/fileadmin/com/pdf/AS2_General_Overview.pdf
    http://www.seeburger.com
    http://www.seeburger.com/fileadmin/com/pdf/AS2_General_Overview.pdf
    http://www.seeburger.it/fileadmin/it/pdf/2005_04_sapphire_Ferrero_transcript.pdf
    http://www.seeburger.com/fileadmin/com/pdf/SEEBURGER_SAP_Adapter_engl.pdf
    http://www.seeburger.com/fileadmin/com/pdf/Butler_Group_SEEBURGER_Technology_Audit.pdf
    http://www.sap.com/france/company/events/2006/02-01-Automotive-Seeburger.pdf
    http://h41123.www4.hp.com/presentations/ISUG/XISeeBurger.ppt
    http://www.sap.com/asia/company/events/nwtechdays/presentation/australia-slides/Pre-Built_Integration.pdf
    Seeburger thread:
    Refer this forum which talk about the configuration which need to be done for AS2 adapter. This is very helpful:
    Re: Pls.. Help Needed.. Seeburger Mapping Names..!!
    Re: Seeburger AS2 adapter...
    Re: AS2 Module tab.. Mapping Names for modified Standard Msg types ? ? BIC ??
    AS2 adpater-- Configuration details for both SND and RCV.
    AS2 Sender Adapter -- Need few details.
    Flow of data:
    EDI-SEEberger-XI-IDOc-R/3
    Seeburger info:
    Re: seeburger adapter
    Re: SEEBURGER's VAN Adapter
    AS2 info:
    Re: Regarding Seeburger AS2 Adapter
    SEEBURGER EDI adapter
    Wanna Party ?
    Wanna Party ?
    How to Set up an SAP XI Integration Directory Scenario with Party to Support EDI Partner Processing
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b0b355ae-0501-0010-3b83-8f2bb566fa47
    Here is the link for your reference:
    EDIFACT to XML - Stylus Studio Solution
    The steps to convert EDI to XML / XSD can be found at the following link:
    http://www.stylusstudio.com/edifact_to_xml.html
    Stylus studio download link: http://www.stylusstudio.com/xml_download.html
    Or
    Using the Conversion agent
    How to get started using Conversion Agent from Itemfield
    Conversion Agent a Free Lunch?
    Integrate SAP Conversion Agent by Itemfield with SAP XI
    More on the SAP Conversion Agent by Itemfield
    SAP XI supports EDIFACT
    How to get started using Conversion Agent from Itemfield
    More on the SAP Conversion Agent by Itemfield
    http://www.stylusstudio.com/edi/XML_to_X12.html
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/b0b355ae-0501-0010-3b83-8f2bb566fa47
    Details on XI EDI adapter from seeburger
    SAP XI supports EDIFACT
    http://www.seeburger.it/fileadmin/it/pdf/2005_04_sapphire_Ferrero_transcript.pdf
    http://www.seeburger.com/fileadmin/com/pdf/Butler_Group_SEEBURGER_Technology_Audit.pdf
    http://www.seeburger.com/fileadmin/com/pdf/AS2_General_Overview.pdf
    SAP Adapters
    EDI with XI
    http://www.seeburger.it/fileadmin/it/pdf/2005_04_sapphire_Ferrero_transcript.pdf
    http://www.seeburger.com/fileadmin/com/pdf/SEEBURGER_SAP_Adapter_engl.pdf
    http://www.seeburger.com/fileadmin/com/pdf/Butler_Group_SEEBURGER_Technology_Audit.pdf
    http://www.sap.com/france/company/events/2006/02-01-Automotive-Seeburger.pdf
    http://h41123.www4.hp.com/presentations/ISUG/XISeeBurger.ppt
    http://www.sap.com/asia/company/events/nwtechdays/presentation/australia-slides/Pre-Built_Integration.pdf
    http://www.seeburger.com
    http://www.seeburger.it/fileadmin/it/pdf/2005_04_sapphire_Ferrero_transcript.pdf
    http://www.seeburger.com/fileadmin/com/pdf/Butler_Group_SEEBURGER_Technology_Audit.pdf
    http://www.sap.com/france/company/events/2006/02-01-Automotive-Seeburger.pdf
    http://h41123.www4.hp.com/presentations/ISUG/XISeeBurger.ppt
    Regards,
    Nithiyanandam

  • Seeburger AS2 comm channel problem (B2B) - "perhaps AS2ID missing"

    Hi guys!
    We try to configure B2B scenario using Seeburger AS2, but communication channel monitor returns error:
    Error type: COMPONENT_ERROR,NOT_TRANSMITTED >> Error date: 9/25/07 10:05 AM >> Description: AS2 Adapter failure Outbound configuration error: Sender configuration incomplete - perhaps AS2ID missing.. com.seeburger.as2.AS2Plugin.execute(AS2Plugin.java:321) [9/25/07 10:05 AM]
    We're not sure about the scenario configuration and using identifiers (cos' this is probably the problem).
    Did someone of u already configured Seeburger AS2?
    We have configured in receiver party alternative identifier Seeburger - AS2ID, however, the message sent to target has always agency XI and scheme XIParty. It should be probably Seeburger and AS2ID (the alternative one).
    <SAP:Receiver>
      <SAP:Party agency="http://sap.com/xi/XI" scheme="XIParty">XXXX</SAP:Party>
      <SAP:Service>BS_3RD_XXXXX</SAP:Service>
      <SAP:Interface
    How to achieve it?
    Thanx a lot!
    Peter

    Hi Anoop!
    Yes, we use it on receiver side.
    ModuleProcessorExitbean exists, so it should be ok.
    What I'm not sure about is the thing with identifiers..
    In Party (let's call it X) - Identifiers, we have default agency http://sap.com/xi/XI, scheme XIParty and name X.
    What values should be there for Seeburger?
    We have Agency: Seeburger, Scheme: AS2ID; Name: X.
    Is it correct?
    We also received some 9 char long number - probably some ID to adapter(?). Any idea, if it is necessary and where to use it?
    Is it necessary to configure identifier seeburger also in Identifiers tab of Receiver communication channel? Or we can leave it empty (both- sender, receiver)?
    We use this in B2B scenario, of course: Target system is party, but we use our R/3 as Business System w/o party. Is it ok, or do we laso have to "be" as Party in our configuration scenario?
    A lot of questions, but points will be awarded 4 sure
    Thanx!
    Peter

  • Seeburger AS2 HTTPS receiver channel error

    Hi,
    I am getting the following error in the receiver Seeburger AS2 channel with HTPS connection and going through a proxy to the Partner.All the certificates have been installed,proxy server information gives,mentioned the key store values  and encryption certificate values have been mentioned in the receiver agreement that is using the channel.
    Message processing failed. Cause: javax.resource.ResourceException: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: HTTP-Client component init failed # java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Could not retrieve alias collection., SEEBURGER AS2: HTTP-Client component init failed # java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Could not retrieve alias collection.
    Can you please give me an idea whether I am missing something or any configuration settings I need to make.
    Thank you,
    Sri

    hi Neetesh,
    Thank you for the link.The first thing I have looked at is the link you gave me.But when I give with * it is complaining that it is not able to retrieve the certificates.
    TRUSTED/AS2CERTS/*,but I have backward slashes..may be  OS is different ,I think the original poste might have Windows servers.
    any other ideas please.
    thank you.

Maybe you are looking for