cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Integration Server URL for HTTPS

Go to solution
george_hamilton
Participant

on ‎08-27-2007 6:00 PM

0 Kudos

I want to configure SSL for our PI 7.0 system. I have:

- Configured SSL on the Java Stack and tested it. It works fine.

- Configured SSL on the ABAP and tested it. It works.

I know to enable HTTPS I need to change the following exchange profile parameter:

com.sap.aii.connect.secure_connections = messaging

I think I need to change the J2EE server

SAP XI AF CPA Cache to register with the http/https ports and the Fully qualified domain name (so to match the SSL Certificate).

The big question is:

Do I need to change the URL for the Integration Server (in the business system in the SLD)? For example:

https://<hostname>.domain.com/sap/xi/engine?type=entry

(where https is the default 443 so I don't have to specify the port).

-

Or can we just leave that as the default HTTP connection as below?:

http://<hostname>.domain.com/sap/xi/engine?type=entry

Any help is greatly appreciated since I don't have access to a sandbox and it is trial and error (with developers needing to use the system). Thanks!

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-27-2007 7:38 PM
0 Kudos

Hi George,

it depends. The IS URL in the SLD is usually used for the XI internal communication, meaning for communication between the Adapter Framework (AFW) and the Integration Server (IS).

Usually you do not need to define this communication with HTTPS, but if you have this requirements, you have to change the IS URL information in the SLD accordingly.

Usually more important is the IS communication from other backend systems, where you have to manipulate the URL to contain the HTTPS now.

Best regards,

Silvia

Show replies
Show replies
george_hamilton
Participant
‎08-27-2007 10:13 PM
0 Kudos

The documentation says that "the internal PI communications and the messaging communications must be configured to use these HTTP connections". So only the CPA Cache service has to have a HTTPS port? When I had changed it before the Adapter Cache (SXI_CACHE) showed the adapter engine URL has https. So the Integration server URL only matters for internal communications not messaging?

Answers (1)

Answers (1)

bhavesh_kantilal
Active Contributor
‎08-27-2007 8:34 PM
0 Kudos

I agree with Silvia here.

The entry can continue to point to the default port / default URL of the Integration Server as you would need to authenticate only the end point and not internal XI calls.

Also, if I remember correct, the SSL port is always one port higher than the default port both for J2EE and ABAP stack.

@Silvia : Nice to see ppl from SAP (especially the author of CTS+ article ) contributing on the XI forums. Need more people like you here

Regards

Bhavesh

Show replies
Show replies
Ask a Question