on 05-12-2016 11:16 AM
Dear Experts,
Scenario : BPM TO SFDC. a udf calling a lookup channel will get the session id in message mapping. After that SOAP Channel will perform Upsert operation. This receiver channel has two nodes. Node-1 is green which means working fine other Node-2 is failing with below error.
Message which hits Node-1 is green but message hits Node-2 is failing.
Messages are failing with error as, below is the screen shot :
Screen shot of node :
I have 'stop' & 'start' the channel but still the issue. What is the root cause of this issue & what is the solution ?
reg, avinash
Dear Nitin/Bhavesh,
I had contacted SFDC team for this issue. SFDC architect informed us about certificate change and issue a new certificate.
This certificate is different from what I get from SFDC URL : https://XXX.salesforce.com/services/Soap/c/28.0/00Db0000000Jful
Team Basis loaded the chain of certificates to TrustedCAs & server restarted. Boom failed messages are successful.
Heartily thanks for your kind support here.
I need to find out why Certificate I get from url didn't work here.
reg, avinash
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Regards
Bhavesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Bhavesh,
No certificate loaded to nwa. This interface was working fine since yesterday.
Even I have restarted the PI system with the help of Basis, but still this is occurring.
Below is the screen shot of Production, few messages are successfull belongs to same interface but some of them failed.
reg, avinash
Hello Avinash,
If you are not using certificates, then the URL you are using to connect SF is HTTP and not HTTPs? It is strange that sometimes it is working and sometimes not.
One more thing, your PI system is single stack or dual? If single, then NWBPM needs to be connected with SOAP channel to SAP PI system.
Regards,
Nitin
Do you know what URL is being hit when the calls fail and when the calls are successful?
I would check if the URL are same or different.
If different, I would check the SSL Certificates of both these URLs and see if any of them have a recent SSL Certificate change. You can load the URL in a browser and then download the certificate and check.
If the certificates have changed recently you might need to upload them into the TrustedCAs.
both successful and failure message is hitting same URL is same.
URL : https://XXX.salesforce.com/services/Soap/c/28.0/00Db0000000Jful
Below is the Audit log of failed message.
this is HTTPS connection. required certificate is already loaded in TrustedCA. This interface working fine since 2015.
Below is the screen shot of certificate chain. Verisign Root CA is already exist in the nwa, but I am not finding other two - Symantec and Salesforce.com
reg, avinash
Hello Avinash,
It might have been deleted by mistake by somebody. Peer Certificate Rejected by Chain Verifier is the error we get when the system is unable to find the chain (Root, Intermediate and Main Certificate).
Please upload them again in the TrustedCAs keystore view. This must resolve the problem. Without the certificates currently if it is working, then it is something strange or you might be looking at different keystore view.
Regards,
Nitin
Hello Nitin,
In production we have other two Salesforce instances, Instance-2 and Instance-3. I have checked its certificate and compared with Instance-1, certificates are same.
Instance-2 and Instance-3, PI is successfully transferring message to it.
If I upload other two certificate of Instance-1, will it create any problem to Instance-2 and Ins-3 ?
reg, avinash
Hello Avinash,
Do you mean, if the message flow through the 1st node, then the messages are successfully sent to Salesforce.com? Have you successfully connected to Salesforce.com anytime? Or it is failing for every message?
Switching of the data between server nodes happens based on the load.
Regards,
Nitin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Avinash,
Can you post the log, where it was successful when it was going through the 1st server node?
As Bhavesh told, this is not dependent on the server node which is processing the data. If you had an extra application server, which will have different IP address, then we might have suspected some problem with the communication between your central instance and App servers. But from your screenshot i see you only have the Central Instance or popularly known as Primary Application Server (PAS) but with 2 server nodes.
Regards,
Nitin
User | Count |
---|---|
95 | |
11 | |
11 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.