cancel
Showing results for 
Search instead for 
Did you mean: 

HTTP receiver adapter 202 error/INVALID_PATH exception

0 Kudos

Hi friends,

I have an outbound scenario Idoc -> PO -> HTTP.

I am using HTTP_AAE receiver adapter to send messages to the target system.

Receiver system has asked to switch off basic HTTP authentication and therefore I am using anonymous login option in the channel. As requested by the receiver system, I am providing username/password as header attributes.

When I trigger an Idoc from ECC, the message appears with a checkered flag in sxmb_moni but says 'acknowledgement contains system errors'. In the trace of the message, HTTP status 202 is received from the receiver system.

In comm. channel monitoring, I am getting this log -

What can be reason of this error and how can I resolve it ?

Can it be due to hitting HTTPS url in a HTTP adapter ? We haven't done a certificate exchange, as the receiver system is saying that no specific OT certificates are required here and generic certificate available in any browser should be alright.

Did anyone face similar issue or having experience in troubleshooting this ?

Thanks

Accepted Solutions (1)

Accepted Solutions (1)

markangelo_dihiansan
Active Contributor
0 Kudos

Hi Elly,

Just my two cents:

In the SOAP receiver adapter, it is stated in OSS 856597 - FAQ SOAP Adapter that the response of the webservice should be HTTP 200 only. But for the SOAP sender adapter, it can be an HTTP 200 with an empty SOAP envelope or an HTTP202 with an empty HTTP body.

That said, I do not find the same technical specifications on OSS 1742088 - FAQ HTTP AAE Adapter. The Plain HTTP Adapter for example, only accepts an HTTP 200 with an HTTP Body as a response.

Can you do the following:

1. Paste the receiver URL in IE, download the certificates (CA only) and then import to NWA. Afterwards, change the authentication type to HTTPs without Client Authentication in the receiver adapter. Un-check User Authentication and then execute scenario.

2. Check what headers are being returned, please follow the steps outlined on this blog

Regards,

Mark

0 Kudos

Hi Mark,

From your point 1, how should I identify and download the certificates ? Import to NWA should be fine.

Also, I tried from a HTTP test tool and it returned 200 OK response.

Thanks

markangelo_dihiansan
Active Contributor
0 Kudos

Hi Elly,

You can extract the certificates by typing the url in a browser -> click the lock icon -> connection tab and click certificate information (shown below is for https://google.com using chrome)

Once view certificate is clicked, go to certification path. Since you are using SSL without Client Authentication, you are only interested in the first two certificates (Google Internet Authority G2 and GeoTrust Global CA in the screenshot below) click view certificate

Go to the Details Tab and select Copy to File

Repeat for GeoTrust Global CA. And then import Google CA first and then GeoTrust CA second in NWA.

Regards,

Mark

0 Kudos

Hi Mark,

Thanks.. It was really helpful. I imported the certificates but the error persists.

The target system has asked me to switch off basic authentication. For this I am using anonymous login option in PI receiver channel. May be 'invalid path' exception is due to that ?

Thanks

markangelo_dihiansan
Active Contributor
0 Kudos

Hi Elly,

Can you give us a screenshot of your HTTP adapter configuration?

Regards,

Mark

0 Kudos

Here it is.

Former Member
0 Kudos

Hi Elly,

Mark will probably point this out also but it looks like your path setting is incorrect in that screenshot. The path is relative to the host and port so if the target endpoint was https://host:port/path/to/resource you would put the following value in the path of the communication channel:

/path/to/resource

This would explain the invalid path error. Hope this helps.

Regards,

Nick

0 Kudos

Thanks Nick.

The url doesn't have a port and if the hostname translates to the IP, I tried removing it but still HTTP 202 response. The exception changed to - 'data is not repeatble'.

markangelo_dihiansan
Active Contributor
0 Kudos

Hi Elly,


The url doesn't have a port and if the hostname translates to the IP, I tried removing it but still HTTP 202 response. The exception changed to - 'data is not repeatble'.

I think it is functional now. Can you make some changes in the payload?

Regards,

Mark

Former Member
0 Kudos

Hi Elly,

This may be a symptom of the content type being rejected by the web server. It is described in this note which may mean you need to patch the HTTP_AAE adapter. Can you please check the solution in the note and see if you have an older SP level:

2078273 - Improper setting of content-type at HTTP_AAE receiver side using HTTP header

Regards,

Nick

0 Kudos

Hi Mark and Nick,

We are already on higher SP level.

Third party system has now allowed anonymous connection from public internet.

They advised us to use hostname and not IP s that SSL chain works.

I am now getting 'Unknown host exception'.

Am I doing something wrong with the SSL configuration ?

What SSL config I need to do in channel ? The error stays same whether I tick 'Use SSL' or not.

This is becoming urgent now

Former Member
0 Kudos

Hi Elly,

Can you please paste the full exception from the communication channel log and also the NWA log? Also, do you have access to the operating system in order to perform some basic network checks from PI?

Regards,

Nick

Former Member
0 Kudos

Also they are correct in that you need to use the fully qualified host name in an SSL scenario otherwise PI cannot verify the web server's certificate.

0 Kudos

Here's the channel log -

Our Basis guy has just observed that he's not able to see any traffic hitting our firewall though I have triggered an outbound Idoc.

Former Member
0 Kudos

Hi Elly,

It looks like you have a DNS lookup issue from PI based on the HTTP error log. Basically PI cannot resolve that hostname to an IP address.

To prove this you can add a temporary mapping in the host file of the PI server (assuming it's a Windows server). The Basis guy should understand this. Just request them to put a mapping from the target hostname to the IP address. Once this is in place retry your test from PI.

Note this is just a temporary workaround in order to continue with testing.

Regards,

Nick

0 Kudos

Hi Nick,

Basis tried to have manual mapping as you suggested but unfortunately no luck.

Surprising thing is that when I ping receiver channel it shows success message and green light.

Traffic also seems to hit firewall while pinging.

However when I trigger an actual message from ECC to PI then it doesn't seem to hit firewall for exchange with target system.

I am not getting any certificate related error and still it says 'Unknown Host'.

Anything to do with SSL config ?

Thanks

Former Member
0 Kudos

Hi Elly,

That is really odd behavior. You do need the Use SSL option selected if you are hitting a HTTPS endpoint (even if you've selected Anonymous auth). Can you please turn that on.

Also one other thing, can you try adding the following parameter in the Advanced tab of the communication channel:

Param name: strictHostnameChecking

Param value: false

Regards,

Nick

0 Kudos

Hi Nick,

Thanks a lot. Its now working alright though not able to understand which trick worked

In my final configuration, I have now checked SSL tickbox and not using the parameter you advised.

However, I checked SSL earlier too but it did not work.

It worked finally when I used IP address instead of hostname and used the parameter 'strictHostnameChecking'. But after that I removed the parameter and it is working fine without it as well.

Thanks

Answers (0)