on 06-21-2007 11:05 AM
I'm trying to connect SRM with a Marketsite through XI:
Here's the scenario:
SRM (Purchase Order) > XI 7.0 (Marketplace Adapter) > Marketsite
Right now, I am getting an error in the adapter engine saying:
"Error while silently connecting: org.w3c.www.protocol.http.HttpException: iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier"
Apparently, the problem seems to be related to the ssl certificate. I am using an https connection and UID/PW as the authentication method in the marketplace adapter settings.
Where should I import the certificate of the marketsite in XI? I have tried putting it into the TrustedCAs of the Key Storage in the Visual Administrator, but I still get the same error.
Is there a specific format of the certificate that XI accepts? What else should I be configuring to get the message successfully processed? How can I troubleshoot this properly?
Hoping you can help me out.
Best Regards,
Glenn
Glenn,
You need to make sure that you have loaded all the certificates in the certificate path, not just the last certificate. You are getting a chain error, i.e. you are missing certificates.
The certificate you got from the Marketplace will have a certificate from the issue party.
Regards,
Simon
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you very much, Simon.
I'm having difficulty importing the certificate into the "TrustedCAs"; it wants me to provide a password, then asks for chain certificates.
The certificate I got from the marketsite is in the format PKCS#7, which contains the certificate of the issuing party and the certificate itself., but apparently XI only accepts PKCS8 and 12. Could this be the cause of the problem?
Would you know the specific formats I should be importing?
Warm regards,
Glenn
The Visual Administrator excepts the following certificate formats
Base64 Encoded Certificate (*.cert)
Base64 Encoded Private Key (*.key)
PKCS#8 Private Key (*.p8)
PKCS#12 Key (*.p12, *.pfx)
X.509 Certificate (*.crt).
If your adapter is using ABAP you need to load the certificates into the Trust Manager (STRUST)
Look at the certificate that you got from the market place.
Open in windows and then go to the <b>Certification Path</b> tab and get certificates for every entry in the path.
Regards,
Simon
Glenn,
Please check this document and verify all the steps you have done or not. If you follow this you should not have any problem.
Regards,
---Satish
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.