- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- https call from SAP SOAP client tool
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
https call from SAP SOAP client tool
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-10-2007 4:36 PM
Hi,
in order to call a webservice via https using the SAP SOAP client tool, I've done the following:
1. The Client cert field filled with my personal certificate from IE (pcert.pfx)
2. The Trust store field left as it was (cacerts file of the jre).
When calling the service I am getting
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
Very likely this is caused by setting 2.
Could anybody advise how to get an X.509 certificate of trusted root CAs? Any chance to export from IE or would one have to get that from a CA? File types required are ppfx or p12, which is strange since these contain private keys.
Much appreciated.
Rene Funke
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2007 4:12 PM
Hi Rene,
You need to include the full certificate chain in the p12 file. i.e. private cert and root CA cert. IE will not export the full certificate path with the private certificate unless it was imported into IE with this flag set. You could use Firefox to generate the pks12 file. It will include the full certificate path.
This private certificate (p12 file) should then be added to the truststore in XI.
Also, .p12 (pkcs#12) file format defines a file format commonly used to store private keys with accompanying public key certificates - not just private keys.
Hope this helps.
Bryan
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2007 4:12 PM
Hi Rene,
You need to include the full certificate chain in the p12 file. i.e. private cert and root CA cert. IE will not export the full certificate path with the private certificate unless it was imported into IE with this flag set. You could use Firefox to generate the pks12 file. It will include the full certificate path.
This private certificate (p12 file) should then be added to the truststore in XI.
Also, .p12 (pkcs#12) file format defines a file format commonly used to store private keys with accompanying public key certificates - not just private keys.
Hope this helps.
Bryan
- SAP Managed Tags:
- Security
