SSL in SOAP Adapter
Hi All,
I am working on the Receiver SOAP Adapter. Here i need to use SSL. Can any Please explain the use of SSL and How to configure the SSL and HTTPS.
Thanks
Karthik.
Hi,
I have configured successflly SSL with SOAP adapter. Follow below steps
1. First we need to deplay SAP crypto graphic libry for HTTPS protoco. This library available in service market place, depneding on operating system we need to choose version. Once you deploy library to Pi automatically HTTPS protocol will be active.
2. After that need to link HTTPS protocol with specific port. SAP have standad port for HTTPS protoco through Tcode SMICM, check with your bsis team.
Follow below links for certificate configuration on visual admin window
SSL Configuration
http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
SSL config pdf
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/964f67ec-0701-0010-bd88-f995abf4e1fc
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/23894238-0701-0010-40b0-a0a6d5c4ad9f?prtmode=navigate
SSL Message level security
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
Certificate Authority
http://www.tc.umn.edu/~brams006/selfsign.html
Digital signature & document entryption
http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/frameset.htm
digital certificate configuration in xi
/people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
Similar Messages
-
Security Issues: SSL on SOAP Adapter and Digital Signature in BPM
Hi there,
we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
- check whether the SAP Java Crypto Lib is installed in the Web AS;
- generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
Is that right?
I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
Thanks in advance!Hello Henrique,
1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
Rgds.,
Andreas -
Error using SSL on Receiver Soap Adapter
Hi there,
I'm having some problems on connecting to a third-party application running a webservice (meaning, through Receiver Soap Adapter). The third-party appl. demands us to use a SSL connection (its url starts with https), with user authentication through certificate.
We've installed SAP Java Cryptographic toolkit and have a proper certificate configured on the KeyStorage entry, on Visual Administrator.
On Soap Adapter, I've configured HTTP Transport Protocol and have selected the "configure certificate authentication" option and selected the certificate, filled the mandatory fields (target URL and soap action) but I keep getting this error message on SXMB_MONI: "com.sap.aii.af.ra.ms.api.DeliveryException: unable to create a socket".
Is there anything else than installing SAP Java Cryptographic Toolkit to enable SSL on Soap Adapter? Is there another configurations that need to be done?
Thanks in advance,
Henrique.Hi
can u please tell me, how u r able to resolve the problem
i am also stuck in the same error
basically i am working on SSO b/w three systems.
EP>XI>R/3
i am able to do the SSO between the EP-->XI
but when i try with EP-->XI->R/3 it is giving me error at the receiver side means receiver soap adapter is not accepting the SAP Logon Ticket.
can u please tell me what entries should be given in the certificate authentication fields.
please provide the solution.
Thanks & Regards
Rinku Gangwani -
Problema with Keystore entry in SOAP Adapter
Hi all,
I have a RFC to SOAP scenario wich uses a certicate X.509. I import the certificate in Visual Admin in Key Storage node following this steps:
/people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
In Integration Directory, in SOAP Adapter receiver, I want to place the certificate in Keystore view but does'nt appear, there are two entries, service_ssl an TicketStore but I dont find my certificate.
Any suggestions???
Regards,
PableteHi.
Look this links below:
PI 7.1 SOAP scenario with SSL certificate
SOAP adapter - digital signature
Digital signed File Upload to XI (PI)
http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/40f6fee6-9316-2a10-d2a9-954d4df7dd33
I hope it helps you.
Regards.
Bruno -
Using SSL in SOAP Receiver Adapter
Hello,
We need to execute a web service that requires using SSL connection. We have done following:
1. Deployed SAP Java Cryptographic Toolkit
2. Uploadted the Server certificates chain(Root, Intermediate, and the Server certficate itself) in TrustedCAs view
But I can't see the certificate from the Communication Channel screen.
Could anybody who has done this before please let us know if we are missing anything. I appreciate if anybody can tell us the trouble points/pit falls in this process.
Any help is greately appreciated.
Regards
VenuHi,
You need to setup SSL layer for HTTPS endpoint.
Possible HTTP security levels are (in ascending order):
HTTP without SSL
HTTP with SSL (= HTTPS), but without client authentication
HTTP with SSL (= HTTPS) and with client authentication
HTTPS comes in two flavors, both ensuring the confidentiality of data sent over the network
Please go through below link for referance (above information is from below link)
SAP Network Blog: How to use Client Authentication with SOAP Adapter
/people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter
SSL useage
Step by step guide for SSL security
step by step guide to implement SSL
http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm
General guide
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
Message level security
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
Regarding message level you can encrypt the message using certificates.
For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.
Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.
Check the following links.. you will get the information all about the securities...
http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
Also find soeminformation in these links
http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
/people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
Thanks
Swarup
Edited by: Swarup Sawant on Apr 9, 2008 7:42 PM -
Plain HTTP Adapter vs SOAP Adapter with regards to SSL
Hi,
I need to setup communication channles within XI to send and receive secure xml. I am confused after reading the XI documentation and the some of the discussion forums on SDN.
Can anyone clarify the following:
1) Does the plain HTTP Adapter support SSL? According to the XI documentation is does NOT? Have I miss read it?
2) This being the case, the only way to send and receive secure XML is to use the XI/SOAP Adapter?
Thanx for your help.
Cheers
YackeenHi Yackeen,
no, that's not true. The plain HTTP Adapter supports SSL. No problem.
Regards,
Udo -
Receiver SOAP adapter SSL error - client certificate required?
Hi all,
Problem configuring SSL in XI 3.0 NW04 SP17....
I have followed the config steps from Rahul's excellent weblog at <a href="/people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter">How to use Client Authentication with SOAP Adapter</a> (my Basis team have done the Visual Admin steps) and am going through his example as it closely matches my requirement. So, I have a test receiver SOAP adapter sending messages to a web service URL defined for a sender SOAP adapter. My test scenario is:
<b>Sender File -> <u><i>Receiver SOAP -> Sender SOAP</i></u> -> IDoc Receiver -> IDocs in R/3</b>
The problem components are in italic and underlined above. My Receiver SOAP Adapter has the web service URL, Certificate Keystore Entry and View entered. If, in the Sender SOAP Adapter, I have an HTTP Security Level of HTTPS Without Client Authentication, the interface works fine (note that Rahul suggests you untick the User Authentication in the Receiver but with this Security Level, it seems to work with or without it).
The problem is when I set HTTPS <b>With</b> Client Authentication in the Sender. I then get the following error in the message monitor:
SOAP: response message contains an error XIServer/UNKNOWN/ModuleUnknownException - com.sap.aii.af.mp.module.ModuleException: java.security.AccessControlException: <b>client certificate required caused by: java.security.AccessControlException</b>: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:1111) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl3.process(ModuleLocalLocalObjectImpl3.java:103) at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:250) at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0.process(ModuleProcessorLocalLocalObjectImpl0.java:103) at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:166) at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:421) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.Client.handle(Client.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java(Compiled Code)) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java(Compiled Code)) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java(Compiled Code)) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java(Compiled Code)) at java.security.AccessController.doPrivileged1(Native Method) at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java(Compiled Code)) Caused by: java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:843) ... 22 more
Has anyone got any idea what this could be caused by?
Many thanks,
Stuart RichardsHave you configured the https port with that keystore entry?
Check out these links:
http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/frameset.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/5c/15f73dd0408e5be10000000a114084/frameset.htm
Regards,
Henrique. -
SOAP Adapter - HTTPS w/ client authentication -SSL termination @ dispatcher
Hi,
We have a SOAP client sending SOAP message over SSL to PI. We are using client cert for authentication, but terminating SSL at web dispatcher. In this scenario, i) do we need to configure security for XISOAPADAPTER in Visual admin on PI and ii) do we need to set HTTPS with client authentication security option in SOAp Sender communication channel?
My understanding is that since we are terminatinating SSL at web dispatcher (Server authentication happens between third-party gateway and our gateway and when web dispatcher terminates SSL, client cert for auth is passed via httpheader to PI where it is mapped to UME user with sufficient authorizations) we don't need to set the XISOAPADAPTER security (if it is end-to-end ssl we would i guess set up in V. Admin>Security provider service>clientcertloginmodule for XISOAPADAPTER) and we don't need to set the sender channel as https with client authentication ( it should just be http in SOAP sender channel).
Is my understanding correct? I will really appreciate any clues?
Thanks,
SaurabhHi saurabh
follow these links to SAP note
these will be helpful for you
Note 856597 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 SOAP Adapter
https://websmp102.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=856597&_NLANG=E
Note 856599 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 Mail Adapter
https://websmp102.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=856599&_NLANG=E
Note 870845 - XI 3.0 SOAP adapter SSL client certificate problem
https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=916664&nlang=EN&smpsrv=https%3a%2f%2fwebsmp102%2esap-ag%2ede
https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=870845&nlang=EN&smpsrv=https%3a%2f%2fwebsmp102%2esap-ag%2ede
regards
Sandeep
If helpful kindly reward points -
Enabling HTTPS with Client Authentication for Sender SOAP Adapter on PI7.1
Hello All,
We are currently building up a HTTPS message exchange with an external client.
Our PI 7.1 recieved over HTTPS messages on an already configured Sender SOAP Adapter.
The HTTPS (SSL) connectivity works fine and was completely configured on the ABAP Stack at Trust Manager (TC=STRUSTSSO2)
Login to Message Servlet "com.sap.aii.adapter.soap.web.MessageServlet is required and works fine with user ID and password.
Now we have to configure the addtional Client Authentication.
At SOAP Adapter (Sender Communication Channel) under "HTTP Security Level"you are able to configure "HTTPS with Client Authentication".
But what are the next steps to get this scenario successfully in place?
Many thanks in advance!
JochenHi Colleagues,
following Steps still have to be done:
- Mapping public key to technical user at Java Stack
As preparation you have to activate value "ume.logon.allow.cert" with true under "com.sap.security.core.ume.service" under Config Tool. At NWA under Identity Management at for repecively technical user the public key certificate
- Be sure CA root certivicate at Database under STRUSTSSO2
- Import intermediate Certificate under Certificate List at Trast Manager for the Respecive Server Note
- use Login Module "client_cert" which you have to configure under NWA\Configuration Management\Authentication for Components "sap.com/com.sap.aii.adapter.soap.app*XISOAPAdapter".
Many thanks to all for support!
Regards,
Jochen -
Login Module configuration for soap adapter ?
Hi Guys,
I have configured XISOAPAdapter for client certificate Authentication and i have created 1443 as the HTTPS port on the ABAP stack and defined this port in the instance profile.
Under SSL provider i have selected 50101 as the HTTPS port and the user mapping to the certificate works fine and i was able to login directly.
https://host:50101/XISOAPAdapter/MessageServlet - I was able to login with the user mapping to certifcate.
but when i try https://host:1443/XISOAPAdapter/MessageServlet - it is asking for the basic password authentication and the automatic login with the certifcate is not working. Our customer will be using this url to send messages to soap adapter.
under policy configurations for XISOAPAdapter, i have defined only clientcertificateloginmodule and define the rule as Rule1.getUserFrom=wholecert.
any help or suggestions would be appreciated.
Thanks,
SriniHi,
We also experienced that limitation when a vendor is connecting to our XI SOAP Sender Adapter. It is asking for basic username/password. What we did was to create a Generic XI user with a password on it and use SSL authentication at the same time. Our Scenario was PI --> XI --> SAP R3, with the PI system using an HTTP RFC destination with a Basic Logon and Active SSL option to connect to the same system as yours https://host:portnumber/XISOAPAdapter/MessageServlet
Let me know if this helped...
Regards, -
Sender SOAP Adapter with HTTPs call
Hello,
Our scenarion is .. we will have a sender SOAP adater .. but it needs to be called using HTTPs(SSL).
Now considering we have the certificate generated and installed ..and that integration server is HTTPs enabled....What URL should the sending system call..?
For normal HTTP call the inbound address for inbound Adapter is: http://host:port/XISOAPAdapter/MessageServlet?channel=party:service:channel
For the case of HTTPs just changing the htttp to https and the port number in in the calling system will suffice? Or is there other configurations that needs to be done??
Thanks and Regards,
HimadriHi Himadri,
Firstly as suggested by others you can call using https and give the https port in the soap adapter servler URL. Secondly you need to do the following configurations:
1) If its PI 7.0/3.0, deploy the latest version of the SAP Java cryptography toolkit.
2) Configure SAP PI as the server for HTTPS calls. In short
Using the SSL Provider service:
a. Select whether the J2EE Engine should:
■ Request (but not require) that the user presents a client certificate for authentication.
■ Require that client certificates are to be used for authentication.
b. Import the CAu2019s root certificate into the Trusted Certification Authorities list. (Choose Add.) using the following For all the steps, link is mentioned below for XI 3.0, you can find similar ones for PI 7.0
http://help.sap.com/saphelp_nw04/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/content.htm
3) If you want to enable client authentication then you would need to add the client certificate in the TrustedCA keystore view of the SAP J2EE engine.
4) In the SOAP Adapter sender channel, configure Inbound Security level as HTTPS or HTTPs with client authentication based on your scenario.
Best Regards,
Pratik -
Hi Experts,
Cuurently i am working on Synchronous scenario.
My scenario is ABAP Client Proxy> PI>AXIS SOAP ADAPTER(Webservice).
My client requirement is to use UsernameToken security with PasswordDigest.
I have deployed all the relevant .jar files and add the modules related to usernameToken security as per *SAP Note 1039369 FAQ XI Axis Adapter* in Receiver SOAP adapter.
Now when i am pushing the data from R/3 to PI, data is successfully coming to PI however when the data is going outside PI through Receiver AXIS SOAP Adapter in RWB is showing
*The message was successfully delivered to the application using connection SOAP_http://sap.com/xi/XI/System*
*The message status set to DLVD*.
Moreover when i am checking the message through SXMB_MONI i cant see the chequred flag for Request message and for response message its giving the following
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
- <!-- Request Message Mapping
-->
- <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="1">
<SAP:Category>XIAdapter</SAP:Category>
<SAP:Code area="SOAP">FAULT</SAP:Code>
<SAP:P1>http://schemas.xmlsoap.org/soap/envelope/</SAP:P1>
<SAP:P2>Server.generalException</SAP:P2>
<SAP:P3 />
<SAP:P4 />
<SAP:AdditionalText>WSDoAllReceiver: security processing failed (actions number mismatch)</SAP:AdditionalText>
<SAP:ApplicationFaultMessage namespace="" />
<SAP:Stack />
<SAP:Retry>M</SAP:Retry>
</SAP:Error>
and when i am cheking the trace of Respose message (request for message mapping ) its giving the
<Trace level="1" type="T">Message has no payload</Trace>
<Trace level="1" type="T">RuntimeException during appliction Java mapping com/sap/xi/tf/_MM_UrlResponse_To_CourseAccessUrlResponse_</Trace>
<Trace level="1" type="T">com.sap.aii.utilxi.misc.api.BaseRuntimeException: Parsing an empty source. Root element expected! at com.sap.aii.mappingtool.tf3.Transformer.checkParserException(Transformer.java:187) at com.sap.aii.mappingtool.tf3.Transformer.start(Transformer.java:151).....
Currently SSL is not installed in my PI server.For temperory i am using HTTP instead of HTTPS.
Please provide your valuable inputs on this.
Regards
Anku chopra
Edited by: AnkuChopra on Aug 28, 2009 1:59 PMHi Experts,
In my Receiver SOAP adapter module Tab.
As my scenario is synchronous and i required UsernameToken with PasswordDigest security i have added following parameter value in module.(as per SAP Note 1039369 FAQ XI Axis Adapter ).
Processing Sequence.
Module Key
afreq
xireq
wssec
trp
xires
afres
Module configuration
ModuleKey ParameterName parametervalue
xireq handler.type java:com.sap.aii.axis.xi.XI30OutboundHandler
wssec action UsernameToken
wssec handler.type java:com.sap.aii.adapter.axis.ra.handlers.security.WSDoAllSender
wssec passwordType PasswordDigest
wssec pwd.password ********************
wssec user XYZ
trp handler.type java:com.sap.aii.adapter.axis.ra.transport.http.HTTPSender
trp module.pivot true
xires handler.type java:com.sap.aii.axis.xi.XI30OutboundHandler.
Do we need to do any other configuartion apart from above in parameter value.
While getting response from third party i getting error as WSDoAllReceiver: security processing failed (actions number mismatch)
Do i need to add parameter value for WSDoAllReceiver as well as my scenario is synchronous.
Please help me out on this as i am not able to proceeed further because of the above errro.
Please advice.
regards
Anku Chopra -
Error using Sender SOAP adapter over HTTPS
Hi experts,
Few weeks ago, i developed an interface as follows: SOAP <-> XI <-> RFC.
I tested the functionality using Altova and everything went well, with HTTP.
However, when i use HTTPS it fails throwing these error messages (pop ups):
<i>"HTTP error: could not post file"......
"Error sending the soap data"</i>
I have reviewed the SSL certificates installation and everything seems to be ok, but currently i am stuck and do not know how to fix this.
I have also change the ID comm channel from HTTP to HTTPS with client aut.
Is there any special service i have to activate? (XI services and SPIGATE are already done)
Could you please assist?
Thanks in advance and best regards,
DavidDavid,
have a look @ these threads...u may get some help!!!
Sender Soap with HTTPS
https Soap Adapter
Regards
Biplab -
Certificate based authentication with sender SOAP adapter. Please help!
Hi Experts,
I have a scenario where first a .Net application makes a webservice call to XI via SOAP Adapter. Then the input from the .Net application is sent to the R/3 system via RFC adapter.
.Net --->SOAP -
>XI -
>RFC -
R/3 System
Now as per client requirement I have to implement certificate based authentication in the sender side for the webservice call. In this case the .Net application is the "client" and XI is the "server". In other words the client has to be authenticated by XI server. In order to accomplish this I have setup the security level in the SOAP sender channel as "HTTPS with client authentication". Additionally I have assigned a .Net userid in the sender agreement under "Assigned users" tab.
I have also installed the SSL certificate in the client side. Then generated the public key and loaded it into the XI server's keystore.
When I test the webservice via SOAPUI tool I am always getting the "401 Unauthorized" error. However if I give the userid/password for XI login in the properties option in the SOAPUI tool then it works fine. But my understanding is that in certificate based authentication, the authentication should happen based on the certificate and hence there is no need for the user to enter userid/password. Is my understanding correct? How to exactly test certificate based authentication?
Am I missing any steps for certificate based authentication?
Please help
Thanks
Gopal
Edited by: gopalkrishna baliga on Feb 5, 2008 10:51 AMHi!
Although soapUI is a very goot SOAP testing tool, you can't test certificate based authentication with it. There is no way (since I know) how to import certificat into soapUI.
So, try to find other tool, which can use certificates or tey it directly with the sender system.
Peter -
Error Https SOAP Adapter:NoSuchAlgorithmException: No such algorithm: RSA
Hi,
I'm using a SOAP Adapter Receiver to integrate a file to an External WS (with HTTPS). But when I tried to execute It I got the following error:
Message processing failed. Cause: com.sap.aii.af.ra.ms.api.RecoverableException: Unable to encrypt preMasterSecret: java.security.NoSuchAlgorithmException: No such algorithm: RSA: iaik.security.ssl.SSLException: Unable to encrypt preMasterSecret: java.security.NoSuchAlgorithmException: No such algorithm: RSA
SOAP: call failed: iaik.security.ssl.SSLException: Unable to encrypt preMasterSecret: java.security.NoSuchAlgorithmException: No such algorithm: RSA
I think It is a problem with the creation of the secure channel of HTTPS.
Any tip is very welcome!!
Thanks
Martinhttp://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppA
there is not much info to find about who provides for RSA.RSA is already implemented in the Crypto-Provider by Sun. You don't have to laod a special provider.
The following sample is just enough:
Cipher cipher = Cipher.getInstance("RSA");Jan
Maybe you are looking for
-
Can I add a lossless file to my itunes library?
Can i add a lossless music file to my itunes library? Usually what i do is drag the file or folder into music/itunes/itunes media/automatically add to itunes and it works fine, everything shows in my library and plays perfectly. But with this lossles
-
Hello, I bought my 24" iMac couple of months ago and I am a web and graphic designer. I have a problem with the monitor colors since colors are much brighter than what I see on any PC, I tried to change the brightness of the monitor and tried changin
-
In which system field double click feild will stored
hi when you double click in interactive report, in which system field will store that value Message was edited by: sudhakara reddy
-
I bought songs on my iphone which I don't have anymore and would like them on my computer so I do not have to rebuy them is there a way to get those songs back?
-
Photoshop installation problems - Windows 8.1
So I got adobe elements 13 & adobe premiere elements 13 in which i recieved via a gift card. I have followed the instructions on how to install e.g 1. visit the website 2.enter the redemption code from the card 3.download the software using the provi