cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSLHandshake Exception.

Go to solution
vijay_b4
Active Contributor

on ‎09-01-2016 2:57 PM

0 Kudos

Hi,

I am working on a SOAP to AS2 scenario and facing the following error: Any help?

Message could not be forwarded to the JCA adapter. Reason: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target # , SEEBURGER AS2: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target #

for abcd


Thanks,

Vijay.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

manoj_khavatkopp
Active Contributor
‎09-01-2016 6:31 PM
0 Kudos

have you installed the complete SSL certificate path - Root,intermediate and Leaf certificate .

if possible try to run xpi_inspector which clearly indicates which certificates are missing you can download from there and install in nwa.

Show replies
Show replies
vijay_b4
Active Contributor
‎09-01-2016 7:01 PM
0 Kudos

Hi Manoj,

Vendor AS2 Public key certificate has been installed by basis team and I have provided my company AS2 certificate to the vendor. Is there still need to install SSL certificate?If so could you please provide me the steps? what is SSL certificate?

Thanks,

Vijay.

manoj_khavatkopp
Active Contributor
‎09-01-2016 7:25 PM
0 Kudos

how are you connecting to the third party ?? through http url or https if its https then additionally to the third party public key you need SSL certificates which should be provided by third party to connect to thier server .

you need to ask the third party to provide SSL certificate which you need to install in nwa and configure in reciever channel.

vijay_b4
Active Contributor
‎09-01-2016 7:40 PM
0 Kudos

We are connecting through HTTPS. Could you please let me know exactly where that SSL certificate need to be installed and whats the purpose of that? is something like authentication?

and I see there are two field in SSL certificates

1.Server Certifiate (key store)

2.Private Key for Client Authentication

What is the purpose of the above fields?

and which one should I request exactly?

and what is the difference between HTTP and HTTPS Transport Protocol? can I use HTTP instead of HTTPS?

Thanks,

Vijay.

manoj_khavatkopp
Active Contributor
‎09-02-2016 6:41 AM
0 Kudos

SSL certificate needs to be installed in the nwa of PI system , this is used for secure connection i.e through connecting HTTPS.

1.Server Certifiate (key store) - is the SSL certificate provided by the third party which you install in nwa

2.Private Key for Client Authentication - is your private key for handshaking.

So you need to ask them for SSL certificate.

If third party AS2 server supports then you can connect through HTTP or else have to go for HTTPS.

Search in google you get more info on HTTP vs HTTPS.

GauravKant
Contributor
‎09-02-2016 8:09 AM
0 Kudos

Hi Vijay,

PFB link for HTTP, HTTPS and SSL. You will get a clear idea about this.

HTTP and SSL - SAP NetWeaver Process Integration Security Guide - SAP Library

Answers (1)

Answers (1)

former_member5611
Employee
Employee
‎09-02-2016 3:36 PM
0 Kudos

Dear Vijay,

Please check if the certificates are located in the TrustedCAs or not. The PI communication channels read the certificates from this keystore view. After you moved the certificates to the right view, please restart the communication channel.

Best regards,

Bence

Show replies
Show replies
vijay_b4
Active Contributor
‎09-07-2016 7:01 PM
0 Kudos

Thank you for the response!

As per Basis, they have loaded the AS2 certificate and SSL certificate in NWA-certifications and Key tab-seeburger...

I am not sure whether this is the right place or not, and I have provided the AS2ID in Receiver Party

and provided the SSL path in receiver communication channel:

so now the error changed from "SSL Handshake Exception" to "CryptoApiException" after installing SSL Certificate providing the SSL Certificate path in Receiver CC:

Transmitting the message to endpoint <local> using connection SOAP_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: javax.resource.ResourceException: Fatal exception: javax.resource.ResourceException: SEEBURGER AS2: HTTP-Client component init failed # java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Could not retrieve alias collection., SEEBURGER AS2: HTTP-Client component init failed # java.security.PrivilegedActionException: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Could not retrieve alias collection.


Please provide the solution.


Thanks,

Vijay.



former_member5611
Employee
Employee
‎09-08-2016 9:28 AM
0 Kudos

Hi Vijay,

For this issue please review the Master Installation Guide section "Notes on Cryptography" and following subsections. These sections details how to set up the SSL functionality.

The guide can be located in the "Manuals" folder of the SEEBURGER software download.

Best regards,

Bence

Ask a Question