on 10-28-2013 4:55 PM
Hi Gurus,
I have 0.0 experience with SFTP.
Since 1 month I struggle with this headache problem of SFTP Configuration.
My PI is PI 7.31 Java only SP 7 Patch4.
SFTP PGP ADDON 1.0 is installed.
Since long time customer uses putty to transfer files based on a 2048 bit RSA key pair . The public key is registrated in SFTP Server and the private key (cust_priv_key.key) is saved locally.
My scenario is Proxy<--> SFTP.
According to the wiki: http://wiki.scn.sap.com/wiki/display/XI/Generating+SSH+Keys+for+SFTP+Adapters+-+Type+1 , I executed the following steps:
Step 1:
I import the cust_priv_key.key into PuTTY key Generaor with parameter SSH-2 RSA 1024 bit.
Then export OpenSSH key as private_key.pem as below:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,C5EC3B6E2228F3EC
/KCu21h1slGi5M0IF1mZxrCIzK1QEcB8zmNlprUY6ey4r/U1tKv63BL4pzOpHAad
Ie7AzA8e5ZI3juvLrOzQK0Tf0guIoByiliGOWwAFKDUyhdZSr7nwhj3eGyHYyi7c
1Xes0UgVO+pe9Ek3wcIp207cFjOJJ3uWGTKLGQTHcX+3ntFmch1vfWUBEAztHd+0
2SFJAZ/MGw0ucttgZwDbHjcqZcULgCGda+ylM+Qvr/wf4slIThFCzT9LgiLYTam0
OycX+em2rEqlB7xKMGYPspw5ITmA7ukgtaT8l12zqvim01fSDZYZdfw018nDRRJm
LgLTXTcdNJHPZt9IwOPDwFhO5cd8IQrMebnnXNSNDQTzYE0poqIr14Qe5m191Pi/
4846al4jJgUEE4Q0t5i9Lzaah3EL5ElYnxFNIR5HXm51ff88AtkJcaOG/8tz7nYB
xflONMIK7VuGBmvfBcjUp+KZCdlvcZAwjz40tCcTW4FY0Ss+8nyZdQAx+supRi4X
jW1njWyRwmR/AlKhTJBLP2FWdT9ofw7o7lX9nPuhmxFDIpQEaCoddMHmTlmqmA/U
gw4OAZYpvRHpl/drE97eNMfZ4/9tOmQ84ujjjo5xDmwtBA06NhKMY9KiOoQ+3wS0
0FSvSIktlMLSj/Py1DLvhK6zLd+Vq/9R8CGAnsotCJFi//DG/OGus+KjC7kYAFwg
YG97Yi3wBw++t9q+5V1y2KFCqL6mMUj3LxaGe7HSXuSfIkAPzSJBfs9BEDYQGv9B
QBD9E+UDVPRwkPWFWY3NJADWA2mNTnsLtDiXXIFD9vERrzWlL1s4jXLy1+WKPQA7
JGCoj5aY6FuaDyPTDC1LUaXyvDuCLQlU22ZePUnOUfjj55jCy5W3G1J9XZ+if7Eq
YP7v/5aRGgPu+yTD2NfmkXRpWBS67IQgLNbcf1LMdBJPZAw1M9XZDtCDuABawIad
cCCJZHqw8X1sasnKUzwPoRYhv0WJgnPXkZIeNM8mUKSuqjnq5awlwhzbKlPWTD+U
JR67cT4ToTxzM5nqLHKan7PSOelGBhk1Zeh8RCzrECtl6uzmnENIgGUp8PeFygxT
mhYGWT8yy86/FKyA8szfanVTUNoIVz76XlGxL35+oofH8bXBhSdSw2iRPio1+llW
gOCdQG/xdTbit00tfmTT4N5ETHm4UAZ7mPyl5Y/IhfMRTR31rz3cw4H96JbWpuvp
Bsnt8xuX/PwdFB4HXg5Wo7uQFPgplWoTSzov11+ztNXzuI4yOcl+j356salgDJlh
uIMDwXiixuENnzcs+wy2/Qj75WId81ZVmIqugkWCZJN7fRbtxlgDicxjuGWyYPnk
fsGOppGpyjfOCx2AFACNrM4ZtrG0AJd51yvZyUgB06AIXHSkpDrvuDxo0l07D1U5
J0XZs/wqbMiJCT8csi0/flLCLrnqkhAOXLrnKqfoZzZUaKEs6JQDGQDkUWyaYsEe
V7ZoP3ahVjzRDHVrM3FI/hrhOBfWbgM/C9UK7XoFL7O6u78HRiU9G8vZPHMcRHAo
YkmUamBURyxiMYCLNqlkzpO1yksnfCU1KsxjgAo6ydFRlQy/Qo1APg==
-----END RSA PRIVATE KEY-----
Step 2:
with Cygwin with OpenSSL unitlites I convert this private_key.pem into x509_certificate.pem
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIJAMKmweprD4wJMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTMxMDI4MTYzMTMzWhcNMjMxMDI2MTYzMTMzWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIB
CAKCAQEAvZdaSuKy75WRL6HL1rwChCsH0bMfmNGn3b7kakuu/HFlBJ5k2c5HkhuA
mEFObo9Lb4dMVYVlJa1y8+8cwS4TtGKXeBypVAhyyrVuR30RR/1uK64OH4ppBWaH
db8AATH33Ld+RRpkP47ufVutNj9HYU01Ivp41XBmUYuZGuPH63sBz0vT0UuezS5d
QIh07fRwDFkuMu57kPhm/vupSry7WVBisp9mKCC2JbbW+uysDHwoD179J63q1lkY
iOkEMkZE2yXn9DWjXE6B3JYf6UKqMQcQmH6Z8emz3jR6EFitwRSJp8mC7UeFRh1i
VBOJ4BG38D8lADzI1HKClHhf8bdLgQIBJaNQME4wHQYDVR0OBBYEFCBVXPeI6rOh
7TmtUgkAIiUDFnrqMB8GA1UdIwQYMBaAFCBVXPeI6rOh7TmtUgkAIiUDFnrqMAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADaaJwLsjMpeIdIStiZivXY8
AClkb0J89xzwzx63+cL0pARdn2a8y6ipA0ih4UsUUPMmyO4cEP89CrQO4M3FKtmu
vOFcj9kJ7d76pY7xbCXPafA1kEYg7WE2G1tw68aFYMwyF4hNa1uqbrkFzaGpZ2dv
TlgFr49MUd30+2RLHgY/Ne1rc/v3ymES2OqQAlzjJB8toyeM/EB3yQGTx6A1etq5
VhmccJpG9e0ZU7Xj19XXe/d+fBlLt67mprnjuT0rGM+BrmK8xCKMpIk4Xzto8AIy
dsP0FbLMmDp3A0fhRV3e3jBwpLZNDY2JBjAwCiuBR+lGbEWXW9BlQiwV42HvcwA=
-----END CERTIFICATE-----
Step 3: create the PKCS type 12 keystore with password.
Step 4: In NWA Key Store I created a new view and import this PKCS type 12 key.
Step: 5: In IB I created a SFTP Receiver Channel with following parameter:
Server: sftpserver.customer.com
Port: 22 (I have asked Basis to open Port 22).
Server fingerprint: 3e:1e:73:bb:82:67:a6:f0:99:fc:21:95:98:1b:53:11
Proxy: No Proxy
Authentication method: Private Key
Username: xyz
Private Key View: SFTP_customer
Private key Entry: sftp_keystore
But I always get the following error in the Message-Monitor:
MP: exception caught with cause javax.resource.ResourceException: com.jcraft.jsch.JSchException: java.net.ConnectException: Connection refused: connect.
What for a problem?
Highly appreciated if anyone give me some hints!
Regards
Rene
i got it run!
I generated the key and certificates according to the Wiki article:
How To Configure SFTP Adapter in SAP PI
and registrate the new public-key in sftp-server again.
Then it works.
The trick is to create private-key and certificate in the key-store in same time. After that exporting certificate and converting it to public-key in cygwin. So, the connection betwenn public and private-keys would be set up.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi All,
Can you pls let me know any SFTP test servers with host details & credentials available online to post data from PI server?
-Nithin.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Rene,
Would like to ask when you say SFTP server here, are you pertaining to your PI server or the server of your 3rd party partner in which you connect to?
Thanks
Regards,
Meinard
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
I think your PI serever is not able to connect to the server " sftpserver.customer.com".
Can you try to make a simple FTP connection to that server to see whether there are any firewall issues or not.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
SFTP for SAP NetWeaver (7.3 compatible)
SFTP, or secure FTP, is a concept that uses SSH to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing passwords and sensitive information from being transmitted in the clear over the network. It is functionally similar to FTP, uses a different, newly designed protocol. The AEDAPTIVe SFTP Adapter client for SAP NetWeaver© was originately designed and written for a few industry leaders in the Retail and High Tech industry, to enable SAP Exchange Infrastructure to exchange files securely with other internal applications, as regular FTP did not meet the companie's security policies. The adapter is able to push files to other SFTP applications or pull files using a listener mechanism. For authentication, the adapter supports three methods, which should cover basically any common security measure. Integrated with SAP Process Integration / NetWeaverLike any other AEDAPTIVe solution, the SFTP Adapter is built on the SAP NetWeaver Adapter Framework. This ensures customers native integration with NetWeaver and existing monitoring tools such as SAP Solution Manager and the underlying CCMS.The adapter can be used in transparent conjuction with other adapters already available in SAP NetWeaver. Features
|
How to use the SFTP Adapter
Link - http://www.aedaptive.com/index.php/solutions/sftp-for-sap-netweaver/how-to-use-the-sftp-adapter
Note 1692819 - FAQ: PI SFTP Adapter
Thanks
Shrikant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.