cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ssl certificate error in SOAP receiver channel

Former Member

on ‎04-22-2013 3:13 PM

0 Kudos

Hi,

My scenario is RFC to SOAP synchronous scenario, where when i am sending request to the web service it is not reaching the end point.we have  installed the self signed certificate in NWA and i have configured the receiver agreement with key storage view and key storage entry,even though i am getting the following error in receiver communication channel.

Please find the error screen shot in the attachment.

Regards,

Trinadh

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎04-23-2013 10:09 PM
0 Kudos

Hi,

Much of your error message was cutoff but we can see it says error with encryption. If the adapter cannot encrypt properly, maybe it won't try to reach the end point.

Have you tried testing this transaction without encryption just to start narrowing down the root cause?

Could you share your relevant receiver agreement and adapter settings?

Any more information learned from Default Trace in NWA?

Also, maybe XPI Inspector can help you get closer to root cause.

http://scn.sap.com/community/pi-and-soa-middleware/blog/2012/01/12/michals-pi-tips-xpi-inspector--he...

Show replies
Show replies
Former Member
‎04-24-2013 4:12 AM
0 Kudos

Hi,

As i am trying to send messages from pi to web service,i got certificate(.cer) from the client and we have imported the certificate directly. i didn't generate any keys and and certificates. i have configured the same in the receiver agreement.

Have you tried testing this transaction without encryption just to start narrowing down the root cause?

yes, i have tried without giving any certificates i got this error

“Message processing failed. Cause: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.EOFException: Connection closed by remote host.”

please find the receiver agreement setting and communicator channel setting in the attached screen shots.

Regards,

Trinadh

Former Member
‎04-24-2013 3:36 PM
0 Kudos

What example are you working from?

You could try:

In Comm Channel, check Configure Certificate Authentication

Enter details about keystore view and entry

Uncheck Security Profile.

This authenticates you to the 3rd party, and it will be encrypted because you are using HTTPS.

I'm not sure if you really need Adapter Specific Attributes in Receiver Agreement.

Former Member
‎04-24-2013 3:49 PM
0 Kudos

In Comm Channel, check Configure Certificate Authentication

I have tried this option ,where i am not able to find the my key store view and key store entry.

That is the reason i have checked the security profile, so that i can give my certificate details in the Receiver agreement.

I got certificate (x.509 certificate) from third party  and we have imported directly, do we need any other things  needed related to certificates.

could you please help me out ....!

Regards,

Trinadh

Former Member
‎04-24-2013 4:53 PM
0 Kudos

How did you load your certificate? STRUST or NetWeaver Admin?

When you browse for Keystore View, you see other views but not the one you are looking for?

Do you see DEFAULT or any other entries for example?

Former Member
‎04-25-2013 3:47 AM
0 Kudos

How did you load your certificate? STRUST or NetWeaver Admin?

Netweaver Admin

When you browse for Keystore View, you see other views but not the one you are looking for?

yes, i can see the other certificates in communication channel level, except mine.

Do you see DEFAULT or any other entries for example?

i am able to see default as well as other entries also.

Let me know if you require any further inforamation.

Regards,

Trinadh

Former Member
‎04-25-2013 1:46 PM
0 Kudos

I think you should work to make your certificate visible from that browser in the com channel.

So maybe this really has to do with your keystore view permissions, account used to import the certificate, or account used to access it.

http://help.sap.com/saphelp_nw04s/helpdata/en/76/d8644233cfc553e10000000a1550b0/content.htm

Former Member
‎04-26-2013 2:53 PM
0 Kudos

Hi Trinadh, did you get anywhere with permissions, or is your certificate still not usable?

Ernesto, you seemed to have the same problem...did you make it work?

ernesto_cruz
Participant
‎04-26-2013 3:15 PM
0 Kudos

Hi Aaron / Trinadh, I have a similar requirement, but the areas of origin and destination (SAP and WS), are testing the interface without https, as proof that the information is coming correctly on both sides, then in our area have planned to apply the link:

http://scn.sap.com/thread/1899314

My thread is

http://scn.sap.com/thread/3333655

Regards!

ernesto_cruz
Participant
‎04-23-2013 7:26 PM
0 Kudos

Hi Trinadh, I am researching about the same stage as yours.

I hope the following link can help:

http://scn.sap.com/message/5968344#5968344

Regards

Show replies
Show replies
Ask a Question