cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

FTPES/FTPS Connection error

NishantChavan
Participant

on ‎06-18-2015 8:02 PM

0 Kudos

Hi Experts,

I am trying to connect to external partner using FTPS connection. Partner has provided us the server name, port (21), username and password. They have also provide PGP keys.

I am getting below error.

"Transmitting the message to endpoint <local> using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException: Unable to create new pooled resource: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier"


I have looked at the SDN and all the blogs and discussions are for the trusted CA. I want to know if i can make this connection without Trusted CA with only username/password.


My current config parameters are, i have tried checking Use X.509 certificate ....



Thanks,

Nishant

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎03-04-2016 10:47 PM
0 Kudos

Hello Nishant,

Were you able to fix the issue?

I have uploaded the certificate from XPI zip file to Trusted CAs. Still getting the error.

How did you fix the issue?

Regards

Ragu

Show replies
Show replies
Former Member
‎04-20-2016 1:53 AM
0 Kudos

This error has been fixed by uploading a new certificate from FTPS sever admin. Also the encryption option needs to be selected in channel accordingly. I have selected Control encryption not data encryption.

Now it works well

former_member184720
Active Contributor
‎06-18-2015 8:34 PM
0 Kudos

>>>I have looked at the SDN and all the blogs and discussions are for the trusted CA. I want to know if i can make this connection without Trusted CA with only username/password.

It's not an option and this is something depends on how your FTP(s) account was setup.

You can check with your partner and get the certificates.

In addition, if you have xpi inspector installed, then enable the trace for this channel. This utility should automatically download the cerificates which can be uploaded into NWA keystore.

Show replies
Show replies
NishantChavan
Participant
‎06-18-2015 8:53 PM
0 Kudos

Hareesh, could you please clarify

It's not an option and this is something depends on how your FTP(s) account was setup

is the Trusted CA mandatory for FTPES?

and

XPI will automatically download certificate from partners system?

Thanks,

Nishant

former_member184720
Active Contributor
‎06-18-2015 8:57 PM
0 Kudos

>>>is the Trusted CA mandatory for FTPES?

I don't think so but this is not something that we(PI) decide, As i said you should check with your partner.

>>>XPI will automatically download certificate from partners system?


It should. At least that is how i fixed similar issue in the past.

Download the XPI trace zip file and you should be able to see a separate folder with "certificates" in it.

Ask a Question