on 05-09-2016 3:00 PM
Hi,
We have added SuccessFactors certificates to SAP NW PI Certificates Areas "Trusted CAs" and "WebServicesSecurity" but when trying to select same in PI Integration Designer - SOAP Axis Receiver Communication channel, we are not able to view it in the List?
Please see the steps used to add Certificates by Basis and when they are not visible in Int Designer?
Please help / advice why are they not visible. We have also PI JAVA Stack.
1. We do not see "Trusted CAs" View in Integration Designer.
2. We do not see SF Certificates even in "WebServicesSecurity" View.
Alim
Hello Alim,
Certificates are used for two functionality -
1. To secure the transition of the messages over the Internet - This is known as HTTP over SSL technique. For this you need to upload the certificates of your 3rd party server in TrustedCAs Keystore View
2. To secure the data present in the messages - This one is to authenticate the person who will be viewing the file or data you are sending. For this case you need a private key along with certificates to be uploaded under a new Keystore View. This Keystore view would be visible to you in your channel.
Unless the authenticated person has the key pair he will not be able to view the file.
In your case, i can see the URL is HTTPs, hence you must have the certificate uploaded in TrustedCAs. Along with that if the 3rd party requires client authentication, then you need to apply the steps mentioned in step 2.
Regards,
Nitin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Alim,
- The Certificate SF Root Node is a Public Certificate / Public Key
- The Client Authentication requires a Private Key and hence only Private Key's are displayed.
- If you look at the Certificates displayed in F4 help all of those are private key's including the one in the view WebserviceSecurity - System-key.
- To do Client Authentication in the SF Adapter make sure you have the right Private Key loaded into your Keystore.
Regards
Bhavesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Bhavesh,
I understand apart from 3 public certificates entry from SF, I also need to create Private Key Certificate Entry.
I created exactly same but it is again showing same Private Key entry I created.
I want to achieve something as mentioned in below link.
Can you please help me to provide link / doc / steps to do same.
Alim
Hello Alim,
Did you go through the previous reply from me?
Are you sure, SF is requiring client authentication? I do not feel so.. I guess they just need the HTTP over SSL communication. So please upload the chain certificates (Root CA, Intermediate CA, Main Certificate) in the mentioned order in TrustedCAs keystore view.
Also please uncheck the Client Authentication check box in your receiver channel and test it. It should work.
Regards,
Nitin
Hi Alim,
Please create the private key for the key store view/ trusted CA. if you check only those key stores are visible in communication channel which has the private keys.
Please create the private key for the keystore view you want to check in comm channel.
regards,
Harish
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Harish,
I understand apart from 3 public certificates entry from SF, I also need to create Private Key Certificate Entry.
I created exactly same but it is again showing same Private Key entry I created.
I want to achieve something as mentioned in below link.
Can you please help me to provide link / doc / steps to do same.
Alim
User | Count |
---|---|
95 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.