on 02-20-2016 4:34 AM
Hi Experts,
I am trying to connect our SAP PI 7.4 single stack version with Success Factor for employee data integration. But I am not able to connect properly as pinging the channel is showing could not open connection to success factor URL.Network team is confirmed that port 443 is open and PI can telnet.
I have done below . Please help me to create the successful connection. I am using below URL to connect to SF -https://salesdemo4.successfactors.com/sfapi/v1/soap?wsdl
Opening this URL in Web browser I got 3 certificates and exported all 3 in local. successfactors.com is saved as successfactors.crt as saving as it is making this a MS DOS application due to .com extension.
VeriSignClass3PublicPrimaryCertificationAuthority-G5.crt
SymantecClass3SecureServerCA-G4.crt
successfactors.crt
I have imported all 3 certificates as it is without renaming anything in Keystore under view TrustedCAs and WebServiceSecurity. Below is my channel configuration where I put all required module parameters as per SFIHCM600 01. I have tried by putting other 2 certificates name as well in the channel but no luck.
When I am pinging the channel , I am getting below error -
Please help if I am missing anything or doing anything wrong.
Thanks in advance,
Hi,
Are you sure , you are using correct URL?
i am using URL (https://api2.successfactors.eu/sfapi/v1/soap) for employee data and working fine.
also you no need to use certificate authentication(you can mention option as none for Authentication in channel) , just try to import certificate for corresponding url in NWA.
FYR: 2192064 - API urls (Successfactors system) and Boomi urls for different Datacenters
Note: i have observed Successfactor interface channel always show red alert while do ping in channel monitoring.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Apu,
Remove all the certificates previously loaded and download the certificates from XPI Inspector log the screen shot which you shown, there is certificate#0 and certificate#1, download these two and import them in NWA keystore, and you need to import Root CA certificate also, import all these three certificates and test the interface. after you import the certificate restart the communication channel.
Regards,
Praveen.
Hi Apu,
some things that come to my mind
HTH Cheers
Jens
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Raghu,
Thanks for your reply -
1.Ensure all AXIS drivers are deployed(details in the link shared)
That I have checked at very first front. Deployment is absolutely fine.Please find the screen shot below. Basically we should use latest SFSF adapter for that rather using old HTTP AXIS process but stuck to use Axis as some other developer has worked here for more than 1 month but yet the deployment is not done.
2.Make sure any firewall/port needs to be opened.
I have already mentioned in my initial query that port 443 is open and telnet is working fine.
3.Restart the PI server after importing the certificate.
Thats the only stuff I am also thinking as in some blog I can see restart has resolved the issue. I will do that and let you know. But I have never before face the requirement of restarting the server after importing certificates.
One more thing can you confirm that I need to use VeriSignClass3PublicPrimaryCertificationAuthority-G5 one in my channel or not as in some blog I can see people are saying certificates thawte,ThawteSSLCA all these are required to import in keystore. Are they renaming the downloaded ones I have mentioned above. Actually in my last project SF team has provided us the certificates.
Thanks,
Hi Apu,
After installing the certificate no need to restart the whole PI server to work the new certificate you just need to restart the communication channel after importing the new certificate.
1829329 - Messages fail in PI SOAP Receiver Adapter after updating the Server Certificate
For performance reasons the SOAP adapter caches the server certificate on channel start up. Therefore when the Keystore is updated with the new certificate, the old certificate is still maintained within the cache and therefore used by the channel.
Regards,
Praveen.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.