on 02-06-2013 8:29 AM
Dear experts,
I am working on SOAP to RFC scenario with HTTPS where soap sender is J BOSS(tomcat ) server. I want to know how we need to create my sender communication channel with HTTPS.
in my soap sender channel. i have seen inbound security drop down where HTTP security level* has few options
1) HTTP
2)HTTPS WITH CLIENT AUTHENTICATION........(
3)HTTPS WITHOUT CLIENT AUTHENTICATION......................
this is our design plan
we will share our SSL certificates for trusted relation between SAP PI & JBOSS server(SOAP Sender).
in order to achieve this
in SAP PI we installed SSL configuration for in STRUST and shared (PKCS12 ,.CER) files to the J BOSS Server team .as per the below blog.
I have few questions
1) to implement HTTPS scenario with SOAP adapter what are configurations i need to do in SOAP sender Comm channel
in my soap sender channel. i have seen inbound security drop down where HTTP security level* has few options
1) HTTP
2)HTTPS WITH CLIENT AUTHENTICATION........( when we choose this option?)
3)HTTPS WITHOUT CLIENT AUTHENTICATION......................(When we choose this option)
i have seen secuirty checks dropdown in communication channel
if select it is showing 2 options
1) web security(when we choose this option)?
2)s/MIME(when we choose this option)?
if i select security check i need to configure my sender agreement
i need to specify key store view parameters for WS request & response( when we can choose this option)
J BOSS server end
1) what are things need to be done at J BOSS server?
i refered few links in SCN
http://scn.sap.com/message/8910518#8910518
http://scn.sap.com/message/6244674#6244674
http://scn.sap.com/thread/2100000
http://scn.sap.com/thread/1632114
all of them are suggesting different approaches. please suggest me.
Thanks in Advance
Pavan
Dear Experts,
Any Updates on this. i
Regards,
Pavan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Navin,
we have create to SSL certificates in PI side( If you are using DUAl stack then you have to generate the CA certificate in t-code STRUST and NWA both) and need to share them to the thirdparty team.
They will share their SSL certificates to us we ahve to import them into our KEY store( you can find it in NWA key storage or STRUST).
If you faced any issues please update me.
Thanks,
Pavan T
+91 9892398599
Hi Pavan,
We have a similar scenario to implement. We are using PI 7.3. PI is both invoking and hosting Webservices. But neither in SOAP sender adapter nor in SOAP receiver adapter do I see the following options:
HTTP security level
1) HTTP
2)HTTPS WITH CLIENT AUTHENTICATION........( when we choose this option?)
3)HTTPS WITHOUT CLIENT AUTHENTICATION......................(When we choose this option)
Why are they not available? Arent they available by default? Do we have to do some settings?
Thanks for your support.
Regards,
Shobha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Pavan,
I am working on similar scenario.
I tried to maintain the SSL certificates (private key) on ABAP and imported it in Java Keystore so that HTTP_AAE can use while sending it to 3rd party tool.
But when I uploaded the PI private from ABAP to Java it showed a warning that I need to export view to PSE, which I did , but it displayed a message that JAVA is not the current PSE provider (which I believe is due to the ssl/pse_provider parameter which is pointing to ABAP.At present there are few certificates in the strust and I need to know whether I neglect the warning "export view to pse" or I need to change the pse provider.If yes, then whether changing the pse provider will impact existing certificates which were imported on ABAP stack using strust.
Thanks in advance,
Regards,
Pratik
User | Count |
---|---|
84 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.