on 01-30-2015 8:24 AM
Hi,
I have been searching in SDN from last two but no thread is solving my issue.
The scenario is FTP to SFTP and there is a self signed certificate and it got expired, so imported new certificate in NWA successfully which is provided by third party system.
When i am testing it, i am geeting below error,can you please suggest how to fix it,
Attempt to process file failed with Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier.
Cheers,
Giri
Thanks Guys for your time.
But i have checked all blogs already.Please check information below,
1.It was working with server details in communication channel before certificate got expired.
2.Firewall are open.
3.when i am using server in communnication channel,getting below error,
Transmitting the message to endpoint <local> using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: FTPEx: Unexpected reply codeControl connection prematurely closed by server
4.When i am using IP address in communication channel ,getting below error,
Transmitting the message to endpoint <local> using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
Please note that it was working with server details in receiver communication channel.
I feel it is a problem with certificate but third party is saying that the same certificate is working with different third party system connnected same receiver system.
Cheers,
Giri
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Naveen,
currently i am using host name in communication channel and i am getting below error,
Attempt to process file failed with Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: FTPEx:
Unexpected reply codeControl connection prematurely closed by server.
Cheers,
Giri
Hi Venkat,
Hope you are doing good.
You will need to get more detailed logs. Please set debugging level to ALL for these locations:
com.sap.aii.security.lib.*
com.sap.aii.adapter.file.*
copy to sub tree and save to all server nodes.
Once this is done, reproduce and the detailed error should be available.
____________
Kind Regards,
Hemanth
SAP AGS
Hi Giri,
Run the web diag tool as outlined in SAP Note No. 1332726-Troubleshooting Wizard SAP AS Java 7.20 and above with below locations activated:
com.sap.aii.security.lib.*
com.sap.aii.adapter.file.*
set to ALL severity level.
Check ManagingIncidents.zip as the note mentions and follow the instructions.
____________
Kind Regards,
Hemanth
SAP AGS
Hello Venkat,
Check if are there any firewalls in between FTP server and XI as this is a usual issue. If there are, please create the necessary rules to allow communication from both IPs/DNS's. Also check if the imported certificate is the public certificate from the FTP server, and it is also a x.509 format cert.
Please let me know the outcome.
Best Regards,
Hemanth
Hi Venkat,
First your certificate got any chain certificates install all certificates in NWA, check below notes for if the host name return different IP addresses.
1764304 - FTPS Server certificate rejected by ChainVerifier
SAP Note 1591971 - Added property strictHostnameChecking
If you still not resolved run the XPI inspector as mention in below note.
1514898 - XPI Inspector for troubleshooting XI
Regards,
Praveen.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Venkatagiri,
Check the below points:
1.Check if the firewall ports are open to the server you are trying to connect.
2.check if the CA certificates has not expired
3. try to regenerate the certificate from your thirdparty server and then try to reimport them again in your PI Server.
still if the issue is not solved please check the note below.
694290 - SAP J2EE: react on expiration of VeriSign CA certificates
Thanks,
Naveen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Try stopping and starting the channel and send a fresh message
Br, Praveen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.