SSL in SOAP Adapter

Similar Messages

• Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

  Hi there,
  we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
  1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
  - check whether the SAP Java Crypto Lib is installed in the Web AS;
  - generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
  Is that right?
  I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
  2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
  But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
  Thanks in advance!

  Hello Henrique,
  1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
  2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
  Rgds.,
  Andreas

• Error using SSL on Receiver Soap Adapter

  Hi there,
  I'm having some problems on connecting to a third-party application running a webservice (meaning, through Receiver Soap Adapter). The third-party appl. demands us to use a SSL connection (its url starts with https), with user authentication through certificate.
  We've installed SAP Java Cryptographic toolkit and have a proper certificate configured on the KeyStorage entry, on Visual Administrator.
  On Soap Adapter, I've configured HTTP Transport Protocol and have selected the "configure certificate authentication" option and selected the certificate, filled the mandatory fields (target URL and soap action) but I keep getting this error message on SXMB_MONI: "com.sap.aii.af.ra.ms.api.DeliveryException: unable to create a socket".
  Is there anything else than installing SAP Java Cryptographic Toolkit to enable SSL on Soap Adapter? Is there another configurations that need to be done?
  Thanks in advance,
  Henrique.

  Hi
  can u please tell me, how u r able to resolve the problem
  i am also stuck in the same error
  basically i am working on SSO b/w three systems.
  EP>XI>R/3
  i am able to do the SSO between the EP-->XI
  but  when i try with EP-->XI->R/3 it is giving me error at the receiver side means receiver soap adapter is not accepting the SAP Logon Ticket.
  can u please tell me what entries should be given in the certificate authentication fields.
  please provide the solution.
  Thanks & Regards
  Rinku Gangwani

• Problema with Keystore entry in SOAP Adapter

  Hi all,
  I have a RFC to SOAP scenario wich uses a certicate X.509. I import the certificate in Visual Admin in Key Storage node following this steps:
  /people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
  In Integration Directory, in SOAP Adapter receiver, I want to place the certificate in Keystore view but does'nt appear, there are two entries, service_ssl an TicketStore but I dont find my certificate.
  Any suggestions???
  Regards,
  Pablete

  Hi.
  Look this links below:
  PI 7.1 SOAP scenario with SSL certificate
  SOAP adapter - digital signature
  Digital signed File Upload to XI (PI)
  http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/40f6fee6-9316-2a10-d2a9-954d4df7dd33
  I hope it helps you.
  Regards.
  Bruno

• Using SSL in SOAP Receiver Adapter

  Hello,
  We need to execute a web service that requires using SSL connection. We have done following:
  1. Deployed SAP Java Cryptographic Toolkit
  2. Uploadted the Server certificates chain(Root, Intermediate, and the Server certficate itself)  in TrustedCAs view
  But I can't see the certificate from the Communication Channel screen.
  Could anybody who has done this before please let us know if we are missing anything. I appreciate if anybody can tell us the trouble points/pit falls in this process.
  Any help is greately appreciated.
  Regards
  Venu

  Hi,
  You need to setup SSL layer for HTTPS endpoint.
  Possible HTTP security levels are (in ascending order):
  HTTP without SSL
  HTTP with SSL (= HTTPS), but without client authentication
  HTTP with SSL (= HTTPS) and with client authentication
  HTTPS comes in two flavors, both ensuring the confidentiality of data sent over the network
  Please go through below link for referance (above information is from below link)
  SAP Network Blog: How to use Client Authentication with SOAP Adapter
  /people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter
  SSL useage
  Step by step guide for SSL security
  step by step guide to implement SSL
  http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm
  General guide
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
  Message level security
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Regarding message level you can encrypt the message using certificates.
  For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.
  Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.
  Check the following links.. you will get the information all about the securities...
  http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
  Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Also find soeminformation in these links
  http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
  /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
  Thanks
  Swarup
  Edited by: Swarup Sawant on Apr 9, 2008 7:42 PM

• Plain HTTP Adapter vs SOAP Adapter with regards to SSL

  Hi,
  I need to setup communication channles within XI to send and receive secure xml. I am confused after reading the XI documentation and the some of the discussion forums on SDN.
  Can anyone clarify the following:
  1) Does the plain HTTP Adapter support SSL? According to the XI documentation is does NOT? Have I miss read it?
  2) This being the case, the only way to send and receive secure XML is to use the XI/SOAP Adapter?
  Thanx for your help.
  Cheers
  Yackeen

  Hi Yackeen,
  no, that's not true. The plain HTTP Adapter supports SSL. No problem.
  Regards,
  Udo

• Receiver SOAP adapter SSL error - client certificate required?

  Hi all,
  Problem configuring SSL in XI 3.0 NW04 SP17....
  I have followed the config steps from Rahul's excellent weblog at <a href="/people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter">How to use Client Authentication with SOAP Adapter</a> (my Basis team have done the Visual Admin steps) and am going through his example as it closely matches my requirement. So, I have a test receiver SOAP adapter sending messages to a web service URL defined for a sender SOAP adapter. My test scenario is:
  <b>Sender File -> <u><i>Receiver SOAP -> Sender SOAP</i></u> -> IDoc Receiver -> IDocs in R/3</b>
  The problem components are in italic and underlined above. My Receiver SOAP Adapter has the web service URL, Certificate Keystore Entry and View entered. If, in the Sender SOAP Adapter, I have an HTTP Security Level of HTTPS Without Client Authentication, the interface works fine (note that Rahul suggests you untick the User Authentication in the Receiver but with this Security Level, it seems to work with or without it).
  The problem is when I set HTTPS <b>With</b> Client Authentication in the Sender. I then get the following error in the message monitor:
  SOAP: response message contains an error XIServer/UNKNOWN/ModuleUnknownException - com.sap.aii.af.mp.module.ModuleException: java.security.AccessControlException: <b>client certificate required caused by: java.security.AccessControlException</b>: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:1111) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl3.process(ModuleLocalLocalObjectImpl3.java:103) at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:250) at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0.process(ModuleProcessorLocalLocalObjectImpl0.java:103) at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:166) at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:421) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java(Compiled Code)) at com.sap.engine.services.httpserver.server.Client.handle(Client.java(Inlined Compiled Code)) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java(Compiled Code)) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java(Compiled Code)) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java(Compiled Code)) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java(Compiled Code)) at java.security.AccessController.doPrivileged1(Native Method) at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java(Compiled Code)) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java(Compiled Code)) Caused by: java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:843) ... 22 more
  Has anyone got any idea what this could be caused by?
  Many thanks,
  Stuart Richards

  Have you configured the https port with that keystore entry?
  Check out these links:
  http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/frameset.htm
  http://help.sap.com/saphelp_nw2004s/helpdata/en/5c/15f73dd0408e5be10000000a114084/frameset.htm
  Regards,
  Henrique.

• SOAP Adapter - HTTPS w/ client authentication -SSL termination @ dispatcher

  Hi,
  We have a SOAP client sending SOAP message over SSL to PI. We are using client cert for authentication, but terminating SSL at web dispatcher. In this scenario, i) do we need to configure security for XISOAPADAPTER in Visual admin on PI and ii) do we need to set HTTPS with client authentication security option in SOAp Sender communication channel?
  My understanding is that since we are terminatinating SSL at web dispatcher (Server authentication happens between third-party gateway and our gateway and when web dispatcher terminates SSL, client cert for auth is passed via httpheader to PI where it is mapped to UME user with sufficient authorizations) we don't need to set the XISOAPADAPTER security (if it is end-to-end ssl we would i guess set up in V. Admin>Security provider service>clientcertloginmodule for XISOAPADAPTER) and we don't need to set the sender channel as https with client authentication ( it should just be http in SOAP sender channel).
  Is my understanding correct? I will really appreciate any clues?
  Thanks,
  Saurabh

  Hi saurabh
  follow these links to SAP note
  these will be helpful for you
  Note 856597 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 SOAP Adapter
  https://websmp102.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=856597&_NLANG=E
  Note 856599 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 Mail Adapter
  https://websmp102.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=856599&_NLANG=E
  Note 870845 - XI 3.0 SOAP adapter SSL client certificate problem
  https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=916664&nlang=EN&smpsrv=https%3a%2f%2fwebsmp102%2esap-ag%2ede
  https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=870845&nlang=EN&smpsrv=https%3a%2f%2fwebsmp102%2esap-ag%2ede
  regards
  Sandeep
  If helpful kindly reward points

• Enabling HTTPS with Client Authentication for Sender SOAP Adapter on PI7.1

  Hello All,
  We are currently building up a HTTPS message exchange with an external client.
  Our PI 7.1 recieved over HTTPS messages on an already configured Sender SOAP Adapter.
  The HTTPS (SSL) connectivity works fine and was completely configured on the ABAP Stack at Trust Manager (TC=STRUSTSSO2)
  Login to Message Servlet "com.sap.aii.adapter.soap.web.MessageServlet is required and works fine with user ID and password.
  Now we have to configure the addtional Client Authentication.
  At SOAP Adapter (Sender Communication Channel) under "HTTP Security Level"you are able to configure "HTTPS with Client Authentication".
  But what are the next steps to get this scenario successfully in place?
  Many thanks in advance!
  Jochen

  Hi Colleagues,
  following Steps still have to be done:
  - Mapping public key to technical user at Java Stack
    As preparation you have to activate value "ume.logon.allow.cert" with true under "com.sap.security.core.ume.service" under Config Tool. At NWA under Identity Management at for repecively technical user the public key certificate
  - Be sure CA root certivicate at Database under STRUSTSSO2
  - Import intermediate Certificate under Certificate List at Trast Manager for the Respecive Server Note
  - use Login Module "client_cert" which you have to configure under NWA\Configuration Management\Authentication for Components "sap.com/com.sap.aii.adapter.soap.app*XISOAPAdapter".
  Many thanks to all for support!
  Regards,
  Jochen

• Login Module configuration for soap adapter ?

  Hi Guys,
  I have configured XISOAPAdapter for client certificate Authentication and i have created 1443 as the HTTPS port on the ABAP stack and defined this port in the instance profile.
  Under SSL provider i have selected 50101 as the HTTPS port and the user mapping to the certificate works fine and i was able to login directly.
  https://host:50101/XISOAPAdapter/MessageServlet - I was able to login with the user mapping to certifcate.
  but when i try https://host:1443/XISOAPAdapter/MessageServlet - it is asking for the basic password authentication and the automatic login with the certifcate is not working. Our customer will be using this url to send messages to soap adapter.
  under policy configurations for XISOAPAdapter, i have defined only clientcertificateloginmodule and define the rule as Rule1.getUserFrom=wholecert.
  any help or suggestions would be appreciated.
  Thanks,
  Srini

  Hi,
  We also experienced that limitation when a vendor is connecting to our XI SOAP Sender Adapter. It is asking for basic username/password. What we did was to create a Generic XI user with a password on it and use SSL authentication at the same time. Our Scenario was PI --> XI --> SAP R3, with the PI system using an HTTP RFC destination with a Basic Logon and Active SSL option to connect to the same system as yours https://host:portnumber/XISOAPAdapter/MessageServlet
  Let me know if this helped...
  Regards,

• Sender SOAP Adapter with HTTPs call

  Hello,
  Our scenarion is ..  we will have a sender SOAP adater .. but it needs to be called using HTTPs(SSL).
  Now considering we have the certificate generated and installed ..and that integration server is HTTPs enabled....What URL should the sending system call..?
  For normal HTTP call the inbound address for inbound Adapter is: http://host:port/XISOAPAdapter/MessageServlet?channel=party:service:channel
  For the case of HTTPs just changing the htttp to https and the port number in in the calling system will suffice? Or is there other configurations that needs to be done??
  Thanks and Regards,
  Himadri

  Hi Himadri,
  Firstly as suggested by others you can call using https and give the https port in the soap adapter servler URL. Secondly you need to do the following configurations:
  1) If its PI 7.0/3.0, deploy the latest version of the SAP Java cryptography toolkit.
  2) Configure SAP PI as the server for HTTPS calls. In short
        Using the SSL Provider service:
                              a.      Select whether the J2EE Engine should:
                                 ■      Request (but not require) that the user presents a client certificate for authentication.
                                 ■      Require that client certificates are to be used for authentication.
                              b.      Import the CAu2019s root certificate into the Trusted Certification Authorities list. (Choose Add.) using the following For all the steps, link is mentioned below for XI 3.0, you can find similar ones for PI 7.0
  http://help.sap.com/saphelp_nw04/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/content.htm
  3) If you want to enable client authentication then you would need to add the client certificate in the TrustedCA keystore view of the SAP J2EE engine.
  4) In the SOAP Adapter sender channel, configure Inbound Security level as HTTPS or HTTPs with client authentication based on your scenario.
  Best Regards,
  Pratik

• Error in AXIS SOAP Adapter

  Hi Experts,
  Cuurently i am working on  Synchronous scenario.
  My scenario is ABAP Client Proxy> PI>AXIS SOAP ADAPTER(Webservice).
  My client requirement is to use UsernameToken security with PasswordDigest.
  I have deployed all the relevant .jar files and add the modules related to usernameToken security as per *SAP Note 1039369 FAQ XI Axis Adapter* in Receiver SOAP adapter.
  Now when  i am pushing the data from R/3 to PI, data is successfully coming to PI however when the data is going outside PI through Receiver AXIS  SOAP Adapter in RWB is showing
  *The message was successfully delivered to the application using connection SOAP_http://sap.com/xi/XI/System*
  *The message status set to DLVD*.
  Moreover when i am checking the message through SXMB_MONI i cant see the chequred flag for Request message and for response message its giving the following
  <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
  - <!--  Request Message Mapping
    -->
  - <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="1">
    <SAP:Category>XIAdapter</SAP:Category>
    <SAP:Code area="SOAP">FAULT</SAP:Code>
    <SAP:P1>http://schemas.xmlsoap.org/soap/envelope/</SAP:P1>
    <SAP:P2>Server.generalException</SAP:P2>
    <SAP:P3 />
    <SAP:P4 />
    <SAP:AdditionalText>WSDoAllReceiver: security processing failed (actions number mismatch)</SAP:AdditionalText>
    <SAP:ApplicationFaultMessage namespace="" />
    <SAP:Stack />
    <SAP:Retry>M</SAP:Retry>
    </SAP:Error>
  and when i am cheking the trace of Respose message (request for message mapping ) its giving the
  <Trace level="1" type="T">Message has no payload</Trace>
    <Trace level="1" type="T">RuntimeException during appliction Java mapping com/sap/xi/tf/_MM_UrlResponse_To_CourseAccessUrlResponse_</Trace>
    <Trace level="1" type="T">com.sap.aii.utilxi.misc.api.BaseRuntimeException: Parsing an empty source. Root element expected! at com.sap.aii.mappingtool.tf3.Transformer.checkParserException(Transformer.java:187) at com.sap.aii.mappingtool.tf3.Transformer.start(Transformer.java:151).....
  Currently SSL is not installed in my PI server.For temperory i am using HTTP instead of HTTPS.
  Please provide your valuable inputs on this.
  Regards
  Anku chopra
  Edited by: AnkuChopra on Aug 28, 2009 1:59 PM

  Hi Experts,
  In my Receiver SOAP adapter module Tab.
  As my scenario is synchronous  and i required UsernameToken with PasswordDigest security i have added following parameter value in module.(as per SAP Note 1039369 FAQ XI Axis Adapter ).
  Processing Sequence.
  Module Key
  afreq
  xireq
  wssec
  trp
  xires
  afres
  Module configuration
  ModuleKey  ParameterName   parametervalue
  xireq           handler.type         java:com.sap.aii.axis.xi.XI30OutboundHandler
  wssec         action                   UsernameToken
  wssec        handler.type         java:com.sap.aii.adapter.axis.ra.handlers.security.WSDoAllSender
  wssec       passwordType     PasswordDigest
  wssec      pwd.password     ********************
  wssec      user                       XYZ
  trp            handler.type            java:com.sap.aii.adapter.axis.ra.transport.http.HTTPSender
  trp             module.pivot          true
  xires       handler.type           java:com.sap.aii.axis.xi.XI30OutboundHandler.
  Do we need to do any other configuartion apart from above in parameter value.
  While getting response from third party i getting error as WSDoAllReceiver: security processing failed (actions number mismatch)
  Do i need to add  parameter value for WSDoAllReceiver as well as  my scenario is synchronous.
  Please help me out on this as i am not able to proceeed further because of the above errro.
  Please advice.
  regards
  Anku Chopra

• Error using Sender SOAP adapter over HTTPS

  Hi experts,
  Few weeks ago, i developed an interface as follows: SOAP <-> XI <-> RFC.
  I tested the functionality using Altova and everything went well, with HTTP.
  However, when i use HTTPS it fails throwing these error messages (pop ups):
  <i>"HTTP error: could not post file"......
  "Error sending the soap data"</i>
  I have reviewed the SSL certificates installation and everything seems to be ok, but currently i am stuck and do not know how to fix this.
  I have also change the ID comm channel from HTTP to HTTPS with client aut.
  Is there any special service i have to activate? (XI services and SPIGATE are already done)
  Could you please assist?
  Thanks in advance and best regards,
  David

  David,
  have a look @ these threads...u may get some help!!!
  Sender Soap with HTTPS
  https Soap Adapter
  Regards
  Biplab

• Certificate based authentication with sender SOAP adapter. Please help!

  Hi Experts,
     I have a scenario where first a .Net application makes a webservice call to XI via SOAP Adapter. Then the input from the .Net application is sent to the R/3 system via RFC adapter.
  .Net --->SOAP -
  >XI -
  >RFC -
  R/3 System
  Now as per client requirement I have to implement certificate based authentication in the sender side for the webservice call. In this case the .Net application is the "client" and XI is the "server". In other words the client has to be authenticated by XI server. In order to accomplish this I have setup the security level in the SOAP sender channel as "HTTPS  with client authentication". Additionally I have assigned a .Net userid in the sender agreement under "Assigned users" tab.
  I have also installed the SSL certificate in the client side. Then generated the public key and loaded it into the XI server's keystore.
  When I test the webservice via SOAPUI tool I am always getting the "401 Unauthorized" error. However if I give the userid/password for XI login in the properties option in the SOAPUI tool then it works fine. But my understanding is that in certificate based authentication, the authentication should happen based on the certificate and hence there is no need for the user to enter userid/password. Is my understanding correct? How to exactly test  certificate based authentication?
  Am I missing any steps for certificate based authentication?
  Please help
  Thanks
  Gopal
  Edited by: gopalkrishna baliga on Feb 5, 2008 10:51 AM

  Hi!
  Although soapUI is a very goot SOAP testing tool, you can't test certificate based authentication with it. There is no way (since I know) how to import certificat into soapUI.
  So, try to find other tool, which can use certificates or tey it directly with the sender system.
  Peter

• Error Https SOAP Adapter:NoSuchAlgorithmException: No such algorithm: RSA

  Hi,
  I'm using a SOAP Adapter Receiver to integrate a file to an External WS (with HTTPS). But when I tried to execute It I got the following error:
  Message processing failed. Cause: com.sap.aii.af.ra.ms.api.RecoverableException: Unable to encrypt preMasterSecret: java.security.NoSuchAlgorithmException: No such algorithm: RSA: iaik.security.ssl.SSLException: Unable to encrypt preMasterSecret: java.security.NoSuchAlgorithmException: No such algorithm: RSA
  SOAP: call failed: iaik.security.ssl.SSLException: Unable to encrypt preMasterSecret: java.security.NoSuchAlgorithmException: No such algorithm: RSA     
  I think It is a problem with the creation of the secure channel of HTTPS.
  Any tip is very welcome!!
  Thanks
  Martin

  http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppA
  there is not much info to find about who provides for RSA.RSA is already implemented in the Crypto-Provider by Sun. You don't have to laod a special provider.
  The following sample is just enough:
  Cipher cipher = Cipher.getInstance("RSA");Jan