on 05-20-2010 10:22 PM
we are consuming a web service in sap ECC system via XI using SSL. So I configured receiver soap adapter. Imported the certificate provided by web service provider to J2EE visual admin key store. However I am not able to see my ceritificates popluated in my communication channel selection list.
Could you please provide steps to configure SSL in receiver soap adapter not for Sender adapter.
Thanks.
Bijay
Bijay,
Check this blog to make sure your steps are correct :-
http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/3721
http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
Also, make sure you have the correct view where you have installed the certificates.
Regards,
Neetesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The private key is in server side and the public key is used by client for encrypt or decrypt the messages.
So, in your case, ask the receiving side to share their public key, which you will provide to your Key Storage View in NWA.
There are tons of good blogs on SDN / SAP Help for SSL configuration, go through those.
Regards,
Neetesh
Thanks Neetesh. I have read many blogs in this forum before I post this message. All I am getting is how to configure SSL in sender soap adapter.
So let me repharse my issue here:
I am consuming web service in sap ecc system using XI. ECC - XI - soap receiver adapter - thirdparty web service.
I have installed certificate provided by third party in my XI J2ee keystore. Now could you tell me how I configure my comm channel so it uses this certificate when making calls to ws.
regards,
Bijay
Okay, so this is a client certificate and not a CA certificate, right?
In this case, you need to import the client certificate under ICM_SSL_xxx and you can find SSL_Provider if you scroll completly down. You need to import the private key of the client certificate under ICM_SSL_xxx.
Only CA certificates goes in TrustedCA view. You can create a new view ICM_SSL_xxx or put the certificate under any existing ICM_SSL_xxx view, it doesn't matter.
Do this step and let me know if it works. Might be, there is no requirement for private key at this point of time. It completely depends how the receiving system will accept and verify the call from PI server.
Since it's a client certificate, they must be having public and private keys. But this certificate has to be signed by some one like VeriSign and they provide a different key to make it more secured. But anyways, you don't need to go in so much of details right now.
Follow the steps that I mentioned above and hopefully, it should work.
Regards,
Neetesh
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.