cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PI 7.1error message bad certificate.

former_member907760
Explorer

on ‎01-07-2012 11:17 AM

0 Kudos

Dears,

We have configured our PI 7.1 system to send payment messages to our business partner through its HTTPS URL using SOAP adapter, hence while testing we are getting the following error message; I'll appreciate if anyone can give his/her expert advice on this:

SOAP: call failed: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: bad certificate

For more Information we did the following:

We received partner's public key certificate and we installed it on PI Trusted CA.

We provide them our public key to install it on their system.

I already developed a stand-alone java class to post to partner URL and after i added all certificates to Java trust certificates i got same error message (EXCEPTION : javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate).

We add their server to our network. so we are using IP addresses to send and receive.

We configured PI https ports .

I already read many articals, but i don't know where is the problem exactly.

Regards,

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member907760
Explorer
‎01-07-2012 12:59 PM
0 Kudos

I asked them to post an XML to our PI server to make sure their certificate working correctly.

But they said we can't post to your URL because it contains "&" char.

Is ther a way to provide them URL without any "&".

https://*****:5365/sap/xi/adapter_plain?namespace=urn%3ADBD_P&interface=SI_DBD_OB&service=CC_DBD&party=&agency=&scheme=&sap-user=*&sap-password=***&sap-client=130&sap-language=EN

Show replies
Show replies
baskar_gopalakrishnan2
Active Contributor
‎01-07-2012 7:21 PM
0 Kudos

I believe you are consuming the target system's webservice. So you get certificate errror. Onlly if you host any web service, you can provide WSDL to them. From wsdl they can find url to post request on the server. The client test on PI server is not valid test.

Regarding your certificate error, Please check in STRUST the validity of the certificate. Also the host or domain name pertain to the certificate.

former_member907760
Explorer
‎01-08-2012 8:45 AM
0 Kudos

Thanks Baskar.

They can modify there system because their system is connected for many customers.

in my configuration i didn't use sender agreement only receiver agreement for my scenario Vendor http<->PI(SOAP)<-->SAP RFC

Is it OK to provide them the following URL :

https://****:50**/XISOAPAdapter/MessageServlet?channel=:<Business System>:<Receiver Communication Chancel>

And how can let them access without Username & password.

For certificates i added them to strust but same thing.

Regards,

former_member907760
Explorer
‎01-08-2012 1:06 PM
0 Kudos

My scinario is like the following example but with Sync(two ways):

Https<>PI<>SAP.

http://www.saptechnical.com/Tutorials/XI/HTTP/RFC.htm

former_member907760
Explorer
‎01-09-2012 6:27 AM
0 Kudos

Can any one guide me regarding this issue?

Regards,

former_member907760
Explorer
‎01-09-2012 8:15 AM
0 Kudos

The scenario is HTTP(s) client to RFC.

markangelo_dihiansan
Active Contributor
‎01-09-2012 8:40 AM
0 Kudos

Hello,

Is ther a way to provide them URL without any "&".

Can you try using the "escaped" version of "&" which is "%26"?

Regards,

Mark

former_member907760
Explorer
‎01-09-2012 1:04 PM
0 Kudos

Hello,

Thanks for your reply, but it dosen't work.

BR,

Ask a Question