cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue - SAP HANA Cloud Connector is not operational

Go to solution
Former Member

on ‎10-21-2015 8:23 PM

0 Kudos

I finally got everything up & running with my SAP HANA trial.  I got the SAP HANA Cloud Connector unzipped (developer edition) and configured to use my proxy.  When I fire it up I get the error "SAP HANA Cloud Connector is not operational — ensure configuration and proxy settings are correct":

I'm not able to find much information about that specific error code.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

MarkusTolksdorf
Product and Topic Expert
Product and Topic Expert
‎10-21-2015 9:32 PM
0 Kudos

Hi Ian,

have a look at the logs. The message means that either the proxy is not behaving as expected or that some other issue occured while trying to establish the connection to the HCP

Best regards,

Markus

Show replies
Show replies
Former Member
‎10-21-2015 9:46 PM
0 Kudos

Thanks for the quick reply!  Here's what I'm seeing in my logs (also attached to message):

FILE_TYPE:DAAA96DE-B0FB-4c6e-AF7B-A445F5BF9BE2

FILE_ID:1445459813011

ENCODING:[UTF8|NWCJS:ASCII]

RECORD_SEPARATOR:124

COLUMN_SEPARATOR:35

ESC_CHARACTER:92

COLUMNS:Time|Severity|Logger|Thread|n/a|Text|

SEVERITY_MAP:FINEST|Information|FINER|Information|FINE|Information|CONFIG|Information|DEBUG|Information|PATH|Information|INFO|Information|WARNING|Warning|ERROR|Error|SEVERE|Error|FATAL|Error

HEADER_END

2015-10-21 15:36:53,100#DEBUG#com.sap.scc#Start Level Event Dispatcher#          #Init class CpicConnection|

2015-10-21 15:36:53,108#DEBUG#com.sap.scc#Start Level Event Dispatcher#          #CpicConnection is ready to use|

2015-10-21 15:36:53,109#INFO#com.sap.scc.rt#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:54,761#INFO#com.sap.scc.web.component#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #FrameworkEvent INFO|

2015-10-21 15:36:54,762#INFO#com.sap.scc.web.component#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #FrameworkEvent INFO|

2015-10-21 15:36:57,623#INFO#com.sap.scc.rt#Start Level Event Dispatcher#          #starting SAP Cloud Connector runtime - check for active instances|

2015-10-21 15:36:57,660#INFO#com.sap.scc.web.component#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #ServiceEvent REGISTERED|

2015-10-21 15:36:57,674#INFO#com.sap.scc.web.component#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #ServiceEvent REGISTERED|

2015-10-21 15:36:57,674#INFO#com.sap.scc.web.component#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:57,681#DEBUG#com.sap.scc.jni#Thread-5#          #Load config file D:\Work\SAP_Cloud_Connector\config_master\org.eclipse.gemini.web.tomcat\default-server.xml|

2015-10-21 15:36:57,683#INFO#com.sap.scc.config#Thread-5#          #Initialize SCC runtime configuration|

2015-10-21 15:36:57,759#INFO#com.sap.scc.web.component#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:57,764#INFO#org.eclipse.equinox.p2.reconciler.dropins#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:57,764#INFO#org.eclipse.osgi#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:57,765#INFO#org.eclipse.osgi#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #FrameworkEvent STARTED|

2015-10-21 15:36:57,765#INFO#org.eclipse.osgi#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #FrameworkEvent STARTLEVEL CHANGED|

2015-10-21 15:36:57,779#INFO#org.eclipse.equinox.p2.reconciler.dropins#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:57,780#INFO#org.eclipse.osgi#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #BundleEvent STARTED|

2015-10-21 15:36:57,835#INFO#org.eclipse.osgi#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #FrameworkEvent STARTED|

2015-10-21 15:36:57,836#INFO#org.eclipse.osgi#com.sap.core.js.logging.bridge.OSGILogListener@a73d0ac#          #FrameworkEvent STARTLEVEL CHANGED|

2015-10-21 15:36:58,196#INFO#com.sap.scc.config#Thread-5#          #Cannot find backends configuration file D:\Work\SAP_Cloud_Connector\scc_config\hanatrial.ondemand.com\s0008441049\backends.cfg|

2015-10-21 15:36:58,196#INFO#com.sap.scc.config#Thread-5#          #Cannot find domains configuration file D:\Work\SAP_Cloud_Connector\scc_config\hanatrial.ondemand.com\s0008441049\domains.cfg|

2015-10-21 15:36:58,591#WARN#com.sap.scc.config#Thread-5#          #Creating an sslContextProvider for account s0008441049@hanatrial.ondemand.com without SSLContext. Keystore did not contain a certificate.|

2015-10-21 15:36:58,591#INFO#com.sap.scc.config#Thread-5#          #loadHaState isHaActive is false|

2015-10-21 15:36:58,923#INFO#com.sap.scc.rt#Thread-5#          #port check succeeded|

2015-10-21 15:36:58,938#INFO#System.out#Thread-5#          #SAP HANA Cloud Connector 2.6.1.1 started on https://localhost:8443 (master)|

2015-10-21 15:36:58,946#INFO#com.sap.scc.rt#Thread-5#          #SAP HANA Cloud Connector 2.6.1.1 started on https://localhost:8443 (master)|

2015-10-21 15:37:43,347#WARN#com.sap.scc.rt#http-bio-8443-exec-2#          #sccEndpoint com.sap.scc.config.TunnelSccEndpoint@13259c8 ok, and context == null|

SAP HANA Cloud connector 2.6.1.1

    Tunnel: 2.0.19

    SCC UI: 1.3.1.1

    LJS: 0.5.56

    JRE: 1.8.0_60 (Oracle Corporation, D:\Program Files\Java\jdk1.8.0_60\jre)

    JVM: Java HotSpot(TM) 64-Bit Server VM (25.60-b23, mixed mode)

    OS: Windows 7 (6.1)

    User: s1596273

    Dir: D:\Work\SAP_Cloud_Connector

    SAPUI5: 1.28.10

    jQuery: 1.11.1

ljs_trace.txt.zip
MarkusTolksdorf
Product and Topic Expert
Product and Topic Expert
‎10-22-2015 12:10 AM
0 Kudos

Hi Ian,

a strange thing. It seems like the setup of the Java Keystore is incomplete. This should not happen, when authenticating correctly at cloud side when adding the account. I don't think it's related, but please use a supported JVM version, either Java 6 or Java 7.
Delete the account again and re-establish the connection. Perhaps there was some odd temporary behavior. Nevertheless, it needs to be investigated, why adding the account to cloud connector did not fail when recognizing this wrong state. This should have been the case.

Best regards,

Markus

Former Member
‎10-22-2015 2:14 PM
0 Kudos

I'll see what I can do about the Java version.

What do you mean when you say "delete the account"?  Do you mean the users.xml?  Or should I just delete it all & start again?

One thing worth mentioning is that I'm behind a proxy & the company re-signs certs (self-signed) when they come through the proxy.

MarkusTolksdorf
Product and Topic Expert
Product and Topic Expert
‎10-22-2015 2:36 PM
0 Kudos

Hi Ian,

Deleting the account is possible by navigating to the Account Dashboard, selecting the account and pressing the delete button.

The last statement is an important information. This will mean that SCC cannot do a mutual authentication. This will cause trouble for sure. Actually, I consider this a MITM attack ...
But still the keystore should contain an entry after authenticating initially with suer PWD to get the connection established and mutual authentication with certificates prepared.

Best regards,

Markus 

Former Member
‎10-22-2015 3:00 PM
0 Kudos

Quick question, my account should be s0008441049trial right?  Then user should just be s0008441049?  I just want to make sure I'm not doing something stupid.

Thanks,

Ian

Here's the logs from after I deleted everything & started over:

2015-10-22 08:40:47,254#INFO#System.out#Thread-5#          #SAP HANA Cloud Connector 2.6.1.1 started on https://localhost:8443 (master)|

2015-10-22 08:40:47,261#INFO#com.sap.scc.rt#Thread-5#          #SAP HANA Cloud Connector 2.6.1.1 started on https://localhost:8443 (master)|

2015-10-22 08:42:19,440#INFO#com.sap.scc.config#http-bio-8443-exec-2#          #Cannot find backends configuration file D:\Work\SAP_Cloud_Connector\scc_config\hanatrial.ondemand.com\s0008441049trial\backends.cfg|

2015-10-22 08:42:19,440#INFO#com.sap.scc.config#http-bio-8443-exec-2#          #Cannot find domains configuration file D:\Work\SAP_Cloud_Connector\scc_config\hanatrial.ondemand.com\s0008441049trial\domains.cfg|

2015-10-22 08:42:19,604#WARN#com.sap.scc.config#http-bio-8443-exec-2#          #Creating an sslContextProvider for account s0008441049trial@hanatrial.ondemand.com without SSLContext. Keystore did not contain a certificate.|

2015-10-22 08:42:26,337#INFO#com.sap.scc.security#http-bio-8443-exec-2#          #New Key Pair was generated.|

2015-10-22 08:42:26,337#INFO#com.sap.scc.security#http-bio-8443-exec-2#          #Will retrieve Connectivity CA certificate from SAP HANA Cloud|

2015-10-22 08:42:26,337#INFO#com.sap.scc.security#http-bio-8443-exec-2#          #Executing Http Get request to https://connectivitycertsigning.hanatrial.ondemand.com:443/certificate/management/v1/trusted/ca/acco...|

2015-10-22 08:42:30,406#INFO#com.sap.scc.security#http-bio-8443-exec-2#          #Returned Http Response with code 407|

2015-10-22 08:42:30,455#ERROR#com.sap.scc.ui#http-bio-8443-exec-2#          #SCC handshake failed: 407 — authenticationrequired

com.sap.scc.servlets.SccHandshakeException: SCC handshake failed: 407 — authenticationrequired

  at com.sap.scc.cert.HttpCertificateManagementService.processRequest(HttpCertificateManagementService.java:160)

  at com.sap.scc.cert.HttpCertificateManagementService.executeGetRequest(HttpCertificateManagementService.java:116)

  at com.sap.scc.cert.HttpCertificateManagementService.getConnectivityAgentCA(HttpCertificateManagementService.java:87)

  at com.sap.scc.cert.CertificateSigningClient.getCACertificate(CertificateSigningClient.java:41)

  at com.sap.scc.servlets.ConfigurationServlet.applyConfig(ConfigurationServlet.java:954)

  at com.sap.scc.servlets.ConfigurationServlet.addAccount(ConfigurationServlet.java:755)

  at com.sap.scc.servlets.ConfigurationServlet.dispatch(ConfigurationServlet.java:104)

  at com.sap.scc.servlets.ServletUtilities.service(ServletUtilities.java:39)

  at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)

  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

  at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

  at com.sap.scc.ui.rt.UTF8Filter.doFilter(UTF8Filter.java:23)

  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)

  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)

  at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:614)

  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)

  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

  at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)

  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)

  at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)

  at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:620)

  at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)

  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

  at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

  at java.lang.Thread.run(Thread.java:745)|

MarkusTolksdorf
Product and Topic Expert
Product and Topic Expert
‎10-22-2015 3:07 PM
0 Kudos

Hi Ian,

Account and user should be the ones you mentioned.

Best regards,

Markus

Former Member
‎10-22-2015 3:32 PM
0 Kudos

I was having some issues getting SAP Hybrid Application Toolkit connected & I finally wound up having to save & manually add the SSL certs to my Java keystore in order to allow communication to go through.  I also had to change several options to avoid using SSL, since we don't use a separate proxy for SSL. 

I downloaded the cert for Connectivity Tunnel Certificate Generation but it didn't seem to help.  Any other ideas of what I can try?  I've got my networking team looking into it, but I'm trying to figure out if there's anything I can do in the meantime?

MarkusTolksdorf
Product and Topic Expert
Product and Topic Expert
‎10-22-2015 4:29 PM
0 Kudos

Hi Ian,

You cannot use SSL?. Is it that what you are saying? This will not work for the Cloud Connector. If you don't send a signing request to certificate signing request service, it will not provide anything useful. Would you have the chance to try connectivity from a host outside from that corporate environment to exclude issues with your account?

Best regards,

Markus

Former Member
‎10-22-2015 4:41 PM
0 Kudos

I was just offering some background on how I got it working without having to involve the networking guys for previous issues.

I'll try using an external network and let you know how it goes.

Thanks,

Ian

Former Member
‎10-22-2015 4:46 PM
0 Kudos

Okay, I threw up a hotspot on my phone & used my laptop with that & was able to connect successfully.  So my account seems fine & it sounds like a network issue.

Now, to try and find out *what* that issue is.

Ulrich_Schmidt
Product and Topic Expert
Product and Topic Expert
‎10-23-2015 1:14 PM
0 Kudos

Hi Ian,

perhaps the following info can help you with that: the error message we see in the Cloud Connector is

407 — authentication required

This seems to come from the proxy server used in your corporate network. (407 is an HTTP return code used by proxies. If the authentication error came back from the Cloud side directly, it would be 401.)

We had already similar problems in the past, when a proxy server would not allow user/password authentication but required some other mechanism like Microsoft NTLM. You should ask your network admin, whether this is the case here and whether he can setup the proxy in such a way, that it allows the SCC access to the outside world using user/password proxy authentication.

Best Regards, Ulrich

Former Member
‎10-23-2015 2:05 PM
0 Kudos

We finally got this working late last night.  My proxy guy made some changes & I was finally able to get this working.  Ironically, if I had looped him in with the problems I was having getting SAP Gybrid Application Toolkit (HAT) working, then I likely never would have seen this here.

So, the answer is, if you're getting 407 - Authentication Required messages, save everyone some time & go talk to your IT/Firewall/Proxy guy & move on.  There doesn't appear to be a way around it.

Answers (0)

Ask a Question