on 11-10-2012 11:25 PM
Hi Experts,
I am working on a scenario for sending EDI transactions to our external customer using AS2 Adapter from Seeburger.
Here is my scenario which is having issue: I have configured a scenario from my system "ABC" IdocSender to "DGA" AS2 receiver {which is infact a sceanrio IDOC_AAE to AS2 Receiver adapter}.
Point to Note here is My scenario runs when I don't use any encryption and signing. But when I configure my scenario to use the certificates for encryption and signing, I find the following error in AS2 Receiver channel:
Transmitting the message to endpoint <local> using connection IDoc_AAE_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: javax.resource.ResourceException: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@639f5903, SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@639f5903
Also I can see in NWA logs following entry just after the module processor:
Error while getting inbound bindings Caused by: com.seeburger.xi.config.ConfigException: No binding found for: AS2, http://seeburger.com/xi, DGA, ABC
at com.seeburger.xi.as2.conf.CPACacheQueries.getInboundBinding(CPACacheQueries.java:238)
at com.seeburger.xi.as2.conf.QueryManager.queryInboundRef(QueryManager.java:287)
Where DGA and ABC are AS2 IDs for Partner System DGA and My System ABC respectively. However when I do not use any encryption the binding error of AS2 IDs doesnot pops up.
However another entry in NWA logs says:
AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@5c6853df [LOC: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@5c6853df.build] Caused by: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@5c6853df
And after that one more entry which says :
LOCATION [null, null, 1f9a18d0-2b8a-11e2-8413-02630a8c012f] >> ERROR TYPE [, COMMUNICATION_ERROR, retryable, not fatal]] >> DESCRIPTION [AS2 Adapter failure >> java.lang.Exception: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@5c6853df] Caused by: com.seeburger.as2.exception.AS2PluginRetryException: java.lang.Exception: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@5c6853df
I have configured my receiver Agreement { Outbound Processing} paramters as with keystore
Siging key as : TRUSTED/ABCAS2_Test_key/ABCcertas2
Encryption Key as : TRUSTED/PartnersCerts/DGACert
Could you let me know what is it that I am missing here. Are my certificates not correct? How can I check my ceritifcate if they are good? Is there any authrorization I am missing out here ?
Reagrds
ArunSR
Hi Arun,
We are getting same error with AS2 encryption in our EDI scenario. So wanted to check if you could resolve your issue and if yes, how was it resolved?
Thanks,
Deepak
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Deepak,
since Arun hasn´t posted for the last days in the SCN, I would just suggest that you make this quick test in the Seeburger Workbench:
"Can you verify with the Seeburger-Workbench => System Status => Important Server Properties that all 3 "important system properties" could be verified as "true" ?"
This is just to make sure that all preconditions are met to use encryption at all...
Also, do you use "code-based-access" or "user-based-access" ?
(I would suggest to use "user-based access" and make sure that the user has the required rights no access the corresponding key-store which is used for your encryption)
Greetings
Hi Stefan,
Thanks for quick response. I could see that all 3 Important Server Properties are verified as True (Set to Ok) in Seeburger workbench.
Not sure how to check user-based access or code-based access to key-store for encryption. Can you let me know how can I verify that?
Also is there anything else that we need to check or may be missing?
Thanks,
Deepak
Hi,
- to enable user-based access, A PI-User needs to exist and be inserted to the "Resource-Details" of the AS2-Adapter
Then this user needs to have the role "view-creator.xxxx" assigned to it (where "xxxxx" is the name of the keystore that includes the used certificates/keys for the AS2 connection)
You can also find this information in the "SAP_SeeMasterConfigurationGuide_en.pdf" on page 18 ("User Based Access to SAP PI Keystore").
Hope this helps
Hi Arun,
This issue has been resolved by SAP as by applying note: 1780149 - Register and unregister BouncyCastle provider.
Please let us know if the issue has been resolved at your end by using the above solution.
Regards,
NS
Hi All,
Yes this problem was resolved using the above SAP Note 1780149
The problem was due to our landscape having installation of SAP B2B Adapters and Seeburger Adapters. They adapters were finding Boucy Castle thread bound to one adapter and hence Seeburger AS2 adapter was not able to use the same.
But when we applied the SAP Note, the problem was resolve.
Sorry for the delay posting my response.
Regards,
ArunS.
Hi Arun,
try with backward \ instead of / in the receiver agreement
TRUSTED\ABCAS2_Test_key\ABCcertas2
Cheers
hidayat
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Make sure that Signing key is pointing to your own Private key.
Have you tried with only encryption or only signing? Is that test feasible with your partner?
Regards,
Prateek Raj Srivastava
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stefan,
Thanks for the reply, I just figure out that place page you mentioned for three properties, out of the three important system properties I have only one set to OK,
The Unlimited Stregth and mail.mime.multipart.bmparse are not oka. Could you let me know how can I correct these settings.
However on the unlimited strength Jar file, we have recently deployed the unlimited JCE jar files in our PI box. not sure why this is not updated.
Regards,
ArunSR
Hello,
Regarding the Parse-flag, there is a SAP Note existing "1287778" that describes the quick steps how to fix it.
Regarding the "unlimited strength files", i have seen several reasons at various customers in the past, when the workbench indicated that it is not ok , like
- the files have been replaced in a wrong java directory
- the files have been overwritten again during a patch/upgrade
- the wrong files have been used
- ...
Hi Stefan,
Thanks for the information, It was helpful. However we applied Note 1287778 as described, but the Parse-flag settings in Seeburger still does not reflect it to be oka.
Is it Because we are having SAP 7.30 and the note is for 7.1? Can you let me know where we are doing incorrect?
For JCE, I beleive we missed the file on one of the server path. which is now corrected.
Hi Stefan,
We applied the properties, and now all the three parameters looks to be oka. Still we find following issue, not Sure why this is popping up again. :
Message could not be forwarded to the JCA adapter. Reason: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@efa4ac4, SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: java.io.IOException: unknown object in writeTo com.seeburger.dt.security.smime.SMIMEEnvelopedGenerator$ContentEncryptor@efa4ac4
Anything We are still missing here?
Hi Stefan,
Sorry for the delayed updates, As in my original question, The without Encryption mesaging works fine. The problem only occurs when I am using the encryption/decryption alongwith.
We have open a SAP note we are following up with them for a solution now. Wil update here once I here back from SAP.
Regards,
AS
User | Count |
---|---|
81 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.