cancel
Showing results for 
Search instead for 
Did you mean: 

NWDS SAP PO 7.31 Reading Communication Channel Details Error

Former Member
0 Kudos

Hello,

we're about to use NWDS (7.31, SP1, Patch 2) together with our AEX installation. We have successfully configured the connection to the

Enterprise Service Repository and Integration Directory and are able to read objects. However when trying to read communication channels

details we're getting an error in the NWDS log:

com.sap.aii.util.hmi.api.HmiCoreException: Connection to system Q55 using application <host> lost. Detailed information: Error accessing "http://<host>:57900/rep/remoteobjectaccess/int?container=any" with user "myuser".
Response code is 503, response message is Service Unavailable

Our Integration Directory runs with https on port 443. When I change the URL to "https://<host>:443/rep/remoteobjectaccess/int?container=any", I can see that the service is available. I haven't configured the URL in NWDS, since I suppose that it has been returned from the server on reading communication channel details.

Does anybody know where the correct URL might be configured on the server side?

Kind regards,

Heiko

Accepted Solutions (1)

Accepted Solutions (1)

former_member194612
Active Participant
0 Kudos

Hi,

If the above answer didn't solve the error, please let us know below.

>>> However when trying to read communication channels details we're getting an error in the NWDS log:

What exactly you are trying to click, the error occurs?

Thanks

satish

Former Member
0 Kudos

Hello,

I have tracked down the problem. It occurs since there is a bug in NWDS. Even though a https proxy is configured in NWDS some requests from NWDS to the PI server are made directly without using the proxy. I have opened a ticket at SAP regarding this bug.

Kind regards,

Heiko 

JaySchwendemann
Active Contributor
0 Kudos

Hi Heiko,

any updates on this? I'm experiencing some similar error when I try to connect via HTTPS to the Integration Directory.

NWDS Version is:

SAP Enhancement Package 1 for SAP NetWeaver Developer Studio 7.3 SP11 PAT0002

Error message is:

com.sap.aii.util.hmi.api.HmiCoreException: Connection to system null using application null lost. Detailed information: Error receiving http response from URL "https://<hostname>:50001/dir/query/int?container=any"! Details: caught exception

Message: Socket already closed.

I already pasted the URL to my main browser and while it gave me the credentials view, it worked after filling in the credentials.

For reference: We are using a self signed cert on PI. This cert however was generated through our corporate CA which is trusted on my windows machine using group policies and certification store.

Any thoughts?

Thanks and kind regards

Jens

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi PI experts,

I am also getting below error when trying to open any object in Integration directory in SAP PI 7.4 AEX.

We have changed PI server from http to https.

Error:

https://Hostname: 443/rep/query/int?container=any"! Details: caught exception message : Peer certificate rejected by Chain Verfier

Please let me know how you managed to solve the problem?

https://HostName:443/Regards,

SV

JaySchwendemann
Active Contributor
0 Kudos

The peer certificate error points to some missing trust.

Maybe your PI system is presenting a self signed certificate which your client does not trust. You could check this by simply opening the PI host in the browser using the HTTPS link. If the browser (preferably IE or chrome as they use the windows certificate storage) give you a warning page, you ought to import the certificate in your systems certificate storage.

Please be aware that Firefox uses its own certificate storage.

HTH

Cheers

Jens

Former Member
0 Kudos

Hi Jens,

HTTPS PI host is opening correctly in Internet Explorer.

I am getting below errors while using HTTPS (SSL) in PI DEV system  and also HTTP is disabled:

1. Destinations(SLD_CLIENT and SLD_DATASUPPLIER) throwing following error : Error while silently connecting : org.w3c.www.protocol.http.HttpException : Peer Certificate rejected by ChainVerifier "

2. ID objects not opening and throwing same error " https://HOSTNAME:443/rep/query/int?contianer=any!Details:caught expection message: Peer Certificate rejected by ChainVerifier.

3.Error while doing Component Monitor and PI components(Central Adapter Engine, mAPPing Runtime, ID , ESR ) not visible.

Can you please provide your valuable inputs and help on how to resolve this issue?

Regards,

SV

JaySchwendemann
Active Contributor
0 Kudos

Sorry, but I feel I don't fully understand. There seem to be some mutually exclusive statements here.

Please answer the following questions.

1. Is this whole situation in your DEV landscape?

2. Did you change your DEV PI system from HTTP to HTTPS?

3. Did you also change some business systems the PI connects to from HTTP to HTTPS?

4. Are you able to log on using Chrome or IE to https://<YourPIDEVHost>:<HTTPS Port>/nwa without warning within the browser?

Again check the certificate your PI DEV System presents to the clients (e.g. your Browser). If the certificate itself or the chain is not trusted, you will be getting mentioned errors.

Former Member
0 Kudos

Hi Jens,

Please find my response below:

1. Yes this situation is in our DEV landscape , we just started implementing HTTPS(SSL) in development and testing here, once PI DEV is working fine we will proceed with QA and PRD.

2. Yes we changed DEV PI system from HTTP to HTTPS and http is disabled now , only HTTPS is working.

3. I have not changed any Business system , please let me know what all changes I need to do?

4.Yes I am able to login to https://PIHOST:443/nwa without any warnings..

I have checked the certificate in Configuration -> Security -> SSL , it is in green status, please let me know where to check this?

Regards,

SV

Former Member
0 Kudos

Hi Jens,

Can you please check and provide your comments whenever you have some time?

Thanks in Advance.

Regards,SV

JaySchwendemann
Active Contributor
0 Kudos

Next couple of questions:

5. Is your SLD residing on the very same PI host?

6. If you navigate to the destination SLD_CLIENT, is it set to https (URL begins with HTTPS, Ignore SSL Server Certificates is unchecked, Keystore view is set to TrustedCAs)?

From the things you said until now I would assume that your PI presents a self signed certificate or a certificate signed from a non trusted CA.

Connecting via Browser (works)

Connecting via your Browser is probably working without warning since you either are trusting the certificate directly (formerly have imported it) or trusting the Issuing / Root CA with your Windows client. Both mentioned options could easily have been deployed to your Windows client automatically by your Win Administrator team via group policy, so you maybe didn't even know those trusts were in place.

Connecting via Swing Clients for ID (doesn't work)

The swing clients probably use the java environments certificate store they are starting with. In those stores probably the trust relationship is missing. You want to check on that

Connecting to a Destination e.g. SLD_CLIENT (doesn't work)

Assuming that the SLD is running on the PI host, PI here acts as a client. You will have to tell the NWA that it should begin to trust the certificate, e.g. by importing Root (and or issuing) certificate of your certification chain to TrustedCAs view.

Generally you should follow this Configuring the Use of SSL on the AS Java - Network and Transport Layer Security - SAP Library to set up HTTPS, there might be other steps missing, that I didn't catch in this port

Cheers

Jens

Former Member
0 Kudos

Hi Jens,

Please find my comments below:

1. Yes, SLD is residing on same PI host.

2. SLD_Client and SLD_DataSupplier URL is correct, starts with HTTPS and Ignore SSL server certificate is unchecked and Trusted Server Certificates Keystore view is Trusted CA's and logon Data Authentication is No Authentication

As per info received from Basis team , PI presents certificate signed by trusted CA.

Please let me know how I should proceed from here?

Your help is really appreciated .

Thanks in advance,

Regards,

SV

JaySchwendemann
Active Contributor
0 Kudos

Did you follow / read the link I posted above? The following checks are within the already posted helpfile section, specifically outlined here: Configuration of the AS Java Keystore Views for SSL - Network and Transport Layer Security - SAP Lib...

Please check if you have imported issuing and root certificate of your CA to the following keystore views in PI's NWA --> Configuration --> Certificates and Keys --> Key Storage.

ICM_SSL_<Instance ID>

ICM_SSL_<Instance ID>_<SSL Port>

TrustedCAs

Cheers

Jens

Former Member
0 Kudos

Hi,

Did you tried enabling the https port in the connection details tab in NWDS ?

HTH

Rajesh