on 04-07-2009 8:49 AM
Greeting SAP Experts,
I have a very simple working scenario Proxy to XI SOAP to consume a web service on webMethods over the internet. Until this point I have no issues, XI SAP message get received and webMethods sends me the response message back just fine.
However, I want to enable the WS security by signing the request and verfiying the synchronous response from webMethods. I bought a certificate from Verisign and we exchanged the Keys with the partner who runs webMethods.
I have imported the certificates in the visual admin (Key Storage) and configured the communication channels and receive agreement to do the required signing /verification. The security profile used in the receive agreement is http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd.
once webMethods enable the WS security we get the following error in return:
com.sap.aii.af.ra.ms.api.DeliveryException: Unexpected element in SOAP:Fault; HTTP 500 Internal Server Error
The error on the webMethods side:
[signature.inbound.tartD] Starting inbound signature verification
[com.webmethods.ws.security.InboundSecurityProcessor..secEngineErrorE] Security Engine error while processing WS Security headers
another error :
[com.webmethods.fabric.agent.handler.jaxrpc.JAXRPCFabricHandler.result.generalErrorT] General error in operation (class com.webmethods.ws.security.SecurityException)
[com.webmethods.fabric.agent.handler.jaxrpc.JAXRPCFabricHandler.result.generalMessageT] Error message: {1}
[ISC.0038.0002D] --> HTTP/1.1 500 Internal Server Error
from the error it look like webMethods is unable to verify XI SOAP signature .
I appreciate any help in this matter.
Thank you
Hi Joel
XI is only signs the message with Verisign priavte key and verifies the response with the partner's public key. The certificate is showing valid details in the visual admin and also in the receiver agreement security settings. Anything else need to be checke?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Baheej,
Looks like your certificates are not installed properly.
Regards
joel
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Looks like no one has come across such scenario before
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
94 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.