on 08-27-2013 5:28 PM
Hi Experts ,
we are facing the issue while sending the messages to EDI partner from PI system.below error we are getting..
ERROR:
Delivery of the message to the application using connection AS2_http://seeburger.com/xi failed, due to: com.sap.aii.af.ra.ms.api.RecoverableException: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: unexpected message # , SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: unexpected message # : javax.resource.ResourceException: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: unexpected message # , SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: unexpected message
if we are using trasport protocall as HTTPS we are getting above error..in communication channel also we have 2 more options below
1)server certificate (Key store)
2) Private key for client authendication
which certificate details we need to maintaine in communication channe ?
is this related Partner certificates or PI own signed certificates ?
if we are using HTTP then messages are processing sucessfully..
could you please help me here...
Regards,
Srinivas..
Hi Pranil / Stefan ,
sorry for the delay i was in vacation..
our basis team has install AS2 certificate TRUSTED\AS2\XXXXXX this path ..
but they(basis) are new where can we install partner SSL certificate ?
what is the procedure to update SSL certificate?
we are using SAP PI 7.0 version..
Regards,
Srinivas.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Srinivas,
in the Receiver-Channel, you have to do the following:
1. Select HTTPS as transport protocol
2. Then you will get the possibility to include the SSL Certificate/ Server Certificate
The SSL-Certificate needs to be imported to the KeyStore (any view) and then you can refer to it with the same naming convention like the AS2-certificate.
TRUSTED\AS2\XXXXXX this path ..
Kind Regards
Stefan
Hi Srinivas,
Check below blog by BASIS person.
http://scn.sap.com/docs/DOC-26145
Might be helpful.
Regards,
Pranil.
Hi Srinivas,
the Partner SSL-Certificate has to be stored in the Netweaver-KeyStore. If you like, you can also store it in the same VIEW that the partner AS2-Certificate.
Since the entry in the channel refers to the VIEW and the Certificate Name, like
TRUSTED\AS2\XXXXXX ..
(where AS2 is the view and XXXXX is the certificate name)
...you can import teh SSL-certificate to any view you like
But maybe it would be easiest to put it in the same view than the AS2-certificate so you donßt have to setup any additional authorizations.
Kind Regards
Stefan
HI Experts ,
could anyone help me here..
Regards,
Srinivas.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Srinivas,
Please check your SSL configuration.
For details, see below threads.
http://scn.sap.com/thread/957791
Link for "Certificate and Troubleshooting Guide for Seeburger - AS2 - Adapter".
Regards,
Pranil.
HI Pranil/Hari ,
thanks for your responce ..
the certificates are installed correctly as Partner could able to send us the files..
we can also send the files with Transport protocol as HTTP .
when ever we used T.P. as HTTPS we could not able to send the files to partner..
with respect of AS2 receiver communication channel what below options described?
1)server certificate (Key store)
2) Private key for client authendication
which certificate details we need to maintaine in communication channe ?
is this related Partner certificates or PI own signed certificates ?
please clarify me as i am very new to EDI integration..
thanks in advance
Regards,
Srinivas..
Hi Srinivas,
As mentioned in the 1st link that I provided,
Server Certificate (Keystore) is used to provide the Target System's Server SSL's public Certificate.
Private Key for Client Authentication is used where PI provides its own Server SSL's private key for Mutual / Client Authentication.
When using certificate-based mutual authentication, the following actions occur:
Regards,
Pranil.
Hi Srinivas,
is partner SSL and AS2 are different certificates??
yes, in most cases these certificates are different. So I assume that you just have inserted a wrong certificate for the SSL connection.
This explains why you can use AS2 via http without problems and why your partner can send to you (since in both cases you do not have to use the SSL-certificate of your partner)
So you should either
- ask your partner for the proper SSL-certificate to be used
- or you can also try to reach the (https) URL via WebBrowser from the same system (to avoid firewall issues) and you should be able to take a look at the SSL-certificate in your Address-Bar and probably you are also able to download the SSL certificate from there.
Kind Regards
Stefan
Yes Srinivas. The SSL and AS2 certificates are different in your case.
AS2 certificates are the message level security certificates. You might have given its details in receiver agreement.
And SSL are transprt layer security certificates, details of which needs to be given at the communication channel level.
Regards,
Pranil.
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.