cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SF Certificates not visible in PI Receiver Channel

Former Member

on ‎05-09-2016 3:00 PM

0 Kudos

Hi,

We have added SuccessFactors certificates to SAP NW PI Certificates Areas "Trusted CAs" and "WebServicesSecurity" but when trying to select same in PI Integration Designer - SOAP Axis Receiver Communication channel, we are not able to view it in the List?

Please see the steps used to add Certificates by Basis and when they are not visible in Int Designer?

Please help / advice why are they not visible. We have also PI JAVA Stack.

1. We do not see "Trusted CAs" View in Integration Designer.

2. We do not see SF Certificates even in "WebServicesSecurity" View.

Alim

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

nitindeshpande
Active Contributor
‎05-10-2016 6:28 AM
0 Kudos

Hello Alim,

Certificates are used for two functionality -

1. To secure the transition of the messages over the Internet - This is known as HTTP over SSL technique. For this you need to upload the certificates of your 3rd party server in TrustedCAs Keystore View

2. To secure the data present in the messages - This one is to authenticate the person who will be viewing the file or data you are sending. For this case you need a private key along with certificates to be uploaded under a new Keystore View. This Keystore view would be visible to you in your channel.

Unless the authenticated person has the key pair he will not be able to view the file.

In your case, i can see the URL is HTTPs, hence you must have the certificate uploaded in TrustedCAs. Along with that if the 3rd party requires client authentication, then you need to apply the steps mentioned in step 2.

Regards,

Nitin

Show replies
Show replies
bhavesh_kantilal
Active Contributor
‎05-10-2016 4:51 AM
0 Kudos

Alim,

- The Certificate SF Root Node is a Public Certificate / Public Key

- The Client Authentication requires a Private Key and hence only Private Key's are displayed.

- If you look at the Certificates displayed in F4 help all of those are private key's including the one in the view WebserviceSecurity - System-key.

- To do Client Authentication in the SF Adapter make sure you have the right Private Key loaded into your Keystore.

Regards

Bhavesh

Show replies
Show replies
Former Member
‎05-10-2016 1:23 PM
0 Kudos

Thanks Bhavesh,

I understand apart from 3 public certificates entry from SF, I also need to create Private Key Certificate Entry.

I created exactly same but it is again showing same Private Key entry I created.

I want to achieve something as mentioned in below link.

Can you please help me to provide link / doc / steps to do same.

Alim

bhavesh_kantilal
Active Contributor
‎05-11-2016 4:57 AM
0 Kudos

Sorry I am not sure what the issue currently is? Is it that your Private Key that you created is no more visible ?

Regards

Bhavesh

Former Member
‎05-11-2016 8:57 AM
0 Kudos

Hi Bhavesh,

This is one way message flow from ERP to PI to SF.

So we have added SF Public Certificates (3 Top, Intermediate, Root) into PI for Client Authentication.

Please advise if we are still missing anything.

Alim

nitindeshpande
Active Contributor
‎05-11-2016 9:17 AM
0 Kudos

Hello Alim,

Did you go through the previous reply from me?

Are you sure, SF is requiring client authentication? I do not feel so.. I guess they just need the HTTP over SSL communication. So please upload the chain certificates (Root CA, Intermediate CA, Main Certificate) in the mentioned order in TrustedCAs keystore view.

Also please uncheck the Client Authentication check box in your receiver channel and test it. It should work.

Regards,

Nitin

bhavesh_kantilal
Active Contributor
‎05-11-2016 9:50 AM
0 Kudos

I have to agree with Nitin. For SalesForce Integration, there is no need for Client Authentication.

Just load all the 3 certificates into TrustedCAs and once loaded, restart your PI Server and you are done from a Certificates perspective.

Harish
Active Contributor
‎05-10-2016 12:32 AM
0 Kudos

Hi Alim,

Please create the private key for the key store view/ trusted CA. if you check only those key stores are visible in communication channel which has the private keys.

Please create the private key for the keystore view you want to check in comm channel.

regards,

Harish

Show replies
Show replies
Former Member
‎05-10-2016 1:22 PM
0 Kudos

Thanks Harish,

I understand apart from 3 public certificates entry from SF, I also need to create Private Key Certificate Entry.

I created exactly same but it is again showing same Private Key entry I created.

I want to achieve something as mentioned in below link.

Can you please help me to provide link / doc / steps to do same.

Alim

Harish
Active Contributor
‎05-10-2016 11:21 PM
0 Kudos

Hi Alim,

Yes it will show the private key which you created, you just needs to select that private key. The certificate will be loaded when you trigger the message (at run time connection).

regards,

Harish

Ask a Question