cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOAP to RFC Scenario with HTTPS in SAP PI 7.3(Dual stack)

Go to solution
former_member200386
Active Participant

on ‎02-06-2013 8:29 AM

0 Kudos

Dear experts,

I am working on SOAP to RFC  scenario with HTTPS  where soap sender is J BOSS(tomcat ) server. I want to know how we need to create my sender communication channel with HTTPS.

in my soap sender channel. i have seen inbound security drop down where HTTP security level* has few options

1) HTTP

2)HTTPS WITH CLIENT AUTHENTICATION........(

3)HTTPS WITHOUT CLIENT AUTHENTICATION......................

this is our design plan

we will share our SSL certificates for trusted relation  between SAP PI & JBOSS server(SOAP Sender).

in order to achieve this

in SAP PI we installed SSL configuration  for in STRUST   and shared (PKCS12 ,.CER)  files  to the J BOSS Server team .as per the below blog.

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2b...

I have few questions

1) to implement HTTPS scenario with SOAP adapter what are configurations i need to do in SOAP sender Comm channel

in my soap sender channel. i have seen inbound  security drop down where HTTP security level* has few options

1) HTTP

2)HTTPS WITH CLIENT AUTHENTICATION........( when we choose this option?)

3)HTTPS WITHOUT CLIENT AUTHENTICATION......................(When we choose this option)

i  have seen secuirty checks dropdown in communication channel

if select it is showing 2 options

1) web security(when we choose this option)?

2)s/MIME(when we choose this option)?

if i select security  check i need to configure my sender agreement

i need to specify key store view parameters for WS request & response( when we can choose this option)

J BOSS server end

1) what are things need to be done at J BOSS server?

i refered few links in SCN

http://scn.sap.com/message/8910518#8910518

http://scn.sap.com/message/6244674#6244674

http://scn.sap.com/thread/2100000

http://scn.sap.com/thread/1632114

all of them are suggesting different approaches. please suggest me.

Thanks in Advance

Pavan

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member200386
Active Participant
‎02-06-2013 1:32 PM
0 Kudos

Dear Experts,

Any  Updates on this. i

Regards,

Pavan

Show replies
Show replies
former_member200386
Active Participant
‎02-07-2013 9:15 AM
0 Kudos

Dear Experts,

The issue was resolved, we installed the client certificates in PI & Jboss server, in The Soap sender channel we used https security level as https without authentication. now inteface with https is running fine, hence i am closing this thread.

Regards,

Pavan

Former Member
‎10-17-2013 5:05 PM
0 Kudos

Hi Pavan,

  Could please tell whether we don't have to create the SSL certificates in NWA and to provide the same to the third party server.

If the third party is providing the certificates, then where it has to be installed?

Thanks,

Navin

former_member200386
Active Participant
‎10-18-2013 9:11 AM
0 Kudos

Hi Navin,

we have create to SSL certificates in PI side( If you are using DUAl stack then you have to generate the CA certificate in t-code STRUST and NWA  both) and  need to share them to the thirdparty team.

They will share their SSL certificates to us we ahve to import them into our KEY store( you can find it in NWA  key storage  or STRUST).

If you faced any issues please update me.

Thanks,

Pavan T

+91 9892398599

Answers (1)

Answers (1)

Former Member
‎06-20-2013 9:19 AM
0 Kudos

Hi Pavan,

We have a similar scenario to implement. We are using PI 7.3. PI is both invoking and hosting Webservices. But neither in SOAP sender adapter nor in SOAP receiver adapter do I see the following options:

HTTP security level

1) HTTP

2)HTTPS WITH CLIENT AUTHENTICATION........( when we choose this option?)

3)HTTPS WITHOUT CLIENT AUTHENTICATION......................(When we choose this option)

Why are they not available? Arent they available by default? Do we have to do some settings?

Thanks for your support.

Regards,

Shobha

Show replies
Show replies
former_member200386
Active Participant
‎06-20-2013 11:37 AM
0 Kudos

Hi Shoba,

Please follow the sap note 1669840. you have import the .tpz file in the ESR . Then your issue will be solved.If you face  any issue please let me know.

Thanks & Regards,

Pavan

Former Member
‎04-09-2015 5:38 PM
0 Kudos

Hi Pavan,

I am working on similar scenario.

I tried to maintain the SSL certificates (private key) on ABAP and imported it in Java Keystore so that HTTP_AAE can use while sending it to 3rd party tool.

But when I uploaded the PI private from ABAP to Java it showed a warning that I need to export view to PSE, which I did , but it displayed a message that JAVA is not the current PSE provider (which I believe is due to the ssl/pse_provider parameter which is pointing to ABAP.At present there are few certificates in the strust and I need to know whether I neglect the warning "export view to pse" or I need to change the pse provider.If yes, then whether changing the pse provider will impact existing certificates which were imported on ABAP stack using strust.

Thanks in advance,

Regards,

Pratik

Ask a Question