on 07-04-2016 9:48 AM
I am using SOAP Axis Receiver adapter. Client has given a certificate.
Is itenough to import it in NWA or are there any more steps? Axis Receiver doesn't have public key and private key. Are there certificates without private and public key?
IN the modeule configuration I can see
there is wssec as module key
then a username
and a paswrod
do we have to enter this password in NWA also?
should the client give this password
Hi Midhun,
These types of certificates are used for Transport level authentication, hence do not require private keys.
You can import these certificates in TrustedCAs keystore view and it should work.
Please note the certificates must be CA signed and must have 3 chain certificates.
1. Root CA
2. Intermediate CA
3. Main Certificate
Ensure you install the certificates in the above mentioned sequence.
Keep us updated on the progress.
Regards,
Nitin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nithin
Thanks for the help..
Please note that I got only one certificate from the bank.. It's a text file.
So should I ask them about the remaining certificates? Or could be that they give the final certificate after merging all certificates?
Should I need a password? Like I said in module key of wssec I have seen that. What should I type there? Should the bank provide that password... what password should I ask them? password to decrpt file
Regards
Dear Midhun,
Hope you are doing good.
The certificate order should be: server - inter - root.
You can use the below link to test the certificate:
http://demo.iaik.tugraz.at/sslinfoservlet/servlet/iaiksslserverinfo/
The output will help you further; the root cert should be in 1st position. If not, this needs to be changed by the provider of the certs as iaik has strict checks on the order of certificates.
Hope this helps.
_ _ _ _ _ _ _ __ _ _
Kind Regards,
Hemanth
SAP Product Support
_ _ _ _ _ _ _ _ _ _ _
Join me online: http://scn.sap.com/people/hemanth.kumar/content
Hi Midhun,
You must use the X.509 certificates. You need not use anything in WSSE module as you are just authenticating at the transport level and not the data. Just use HTTPs URL of the 3rd party, after deploying the certificates in Trusted CAs it should work.
WSSE is used to sign and encrypt the data you are sending the data to your 3rd party and your 3rd party must have capability to decrypt and verify it.
You can go through the below blog for more information on WSSE -
@Hemanth - I am not sure why you are suggesting him to run XPI inspector when there is no issue. XPI inspector is used, only when you are not able to identify the error from the error description in the Audit log.
Regards,
Nitin
Hi Nitin
Thanks again
I have got only one certificte from the client.
should I ask for the remaining two? this is one question thats bothering me a lot. I am actuallly doing a roll out of existing project. I am copyng an existing interface.
I asked for certifixate and the bank gave just ONE crtificate
also there are lots of wssec parametrs incuded in the module. They are using it. I need passowrd for that from them
You need to check if the given certificate is enough or do u need root and inter certificate to, check this blog on how to verify the certificates manually :
and regarding the WSSE in the modules this password is usually provided by third party which is used in webservice authentication at soap header level.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI Manoj
I am copying an interface from existing project to a new project and there is no FS.
I have seen two passwords..
One under connection parameters, I guess this is for the serveice endpoint
The second one is in the adapter module.
So I have to ask the bank for webservice authentication password, right?
if the details are all entered correctly, then the ping of the cc should also work, right?
Midhun there are usually 2 ways by which userid and password authentication is done with Webservice either passing it at http header level which is done simply by configuring user authentication at channel level and other way is by passing at soap header level which can be done by addsoapheaderbean/custom soap envelope by java or xslt or by wsse in module level.
I would suggest you to try the same password at module level which you have already.
HI
Under Connection Parameters
URL the url
Authentication BASIC
User <bankname>admin
Under Module Configuration:
ModuleKey Paramatername Parametervalue
wssec action encrypt
wssec pwd.password password
wssec user online<bankname>encrypt
So there are two userids in the communication channel
Axis is a real head ache
User | Count |
---|---|
79 | |
9 | |
9 | |
7 | |
7 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.