cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOAP over HTTPS Scenario.

Go to solution
Former Member

on ‎06-08-2014 5:48 AM

0 Kudos

Experts,

I am using PO 7.31 Single Stack.

I am going to integrate with some Third-Party System ( B2B ) Scenario. As its B2B client want this to integrate this over SSL.

We are using SOAP Communication channel at Source side.

We have shared a PI WebService to third Party and told them to send data on this endpoint.

I have changed following things in webservice( http to https and port no to ssl port no).

Now Certficate part always confuses me So I have question over certificates/ PubliC/ Private Key :-

1. Who will provide Certificate and to whom ??

2. What kind of certificate will be shared accross parties ?? such as public private ?? PGP or X.509 ??

I have gone through many blogs - but i am still confused.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Harish
Active Contributor
‎06-08-2014 12:54 PM
0 Kudos

Hi Prabhat,

1. Who will provide Certificate and to whom ??

--->> Certificates are shared between both parties/systems. So PI needs to provide PI public key to receiver system and receiver system needs to provide there public key.

2. What kind of certificate will be shared accross parties ?? such as public private ?? PGP or X.509 ??

-->> The certificate can be X.509.

Please refer the below blog and sap note 891877

regards,

Harish

Show replies
Show replies
Former Member
‎06-08-2014 1:49 PM
0 Kudos

As per your above comments : My understanding is

SystemA  -> SAP PI -> SAP

System A will share its public key to SAP PI and SAP PI will share there public key to System A.

why only public key . why not private key ?? when do we share the private key?

vishal1889
Active Participant
‎06-08-2014 5:22 PM
0 Kudos

Hi Prabhat,

Private key not shared under any circumstances. It is maintained in the system to de-crypt the data encrypted with your public key.

Say in above scenario, you have given your public key to SystemA so SystemA will encrypt the data with your public key and then send it to you. After you receive the the data, it is de-crypted using your private key.

The benefit of sharing the public key is in case the data sent by SystemA is received by some intruder then it cannot be decrypted as he won't be having your private key.

So always remember not share your private key in any circumstances.

Regards

VJ

Former Member
‎06-09-2014 10:12 AM
0 Kudos


Hi Vishal ,

Thanks for comments !!!i

Under which situations we should share our public Keys ?

I understand there could be two situations :-

1. Just to Handshake. ( Just to make sure if the Sender and Receiver system is genuine system).

2. To Encrypt and Decrypt the Data.

Please add to it . and Correct me if i am wrong

Harish
Active Contributor
‎06-09-2014 12:21 PM
0 Kudos

Hi Prabhat,

Public key are shared in both scenario. Just handshake (authentication of message sender) or encryption of data.

only authentication scenario and no encryption

Sender send message with digital signature using own private key  ---> receive authenticate the message using sender public key

Encryption and authentication

Sender send message with digital signature using own private key and encrypt using receiver's public key  ---> receive authenticate the message using sender public key and decrypt using own private key

Hope it will clear your doubt.

regards,

Harish

Former Member
‎06-11-2014 7:04 PM
0 Kudos

Hi Harish !!

Counter Question. - Lets consider first just handshake scenario and no encryption.

Say I am using MuleSoft as source application ( WebService). -> SAP PI  ( Middleware )


Now MuleSoft has shared there public certificate with PI. and we have imported that in KeyStore and WebSecurity under trustedCA.


Now Question is when MuleSoft is sending data to PI , do they have to add something extra with soap payload to add this digital signature?


Answers (0)

Ask a Question