on 10-05-2007 9:15 AM
I am trying to send a XML message (an Invoice) from XI to an external Customer via HTTP Adapter.
The site I am posting the message to is SSL.
I have installed the Customer's Certificate via STRUST under SSL Client (Standard) and can see it in the
certificate list.
Within the Communication Channel for HTTP Adapter I have tried Addressing Type of URL
and also with a HTTP (SM59) destination. Both do not work.
The setting used for both are
host : workflw.externalcustomer.xxx.com Service: 443
Path : /SubmitInvoiceUAT/SubmitInvoice.asmx/SubmitCXML
HTTP Proxy : internetproxy.mycompany.com
Proxy Servuce : 80
SSL Active : SSL Client Certificate ANONYM SSL Client(Anonymous). As no client cert is used for logon
I have attempted a connection test within SM59 for the HTTP Destination and I receive the error
ICM_HTTP_SSL_ERROR.
1) If the SSL Client Certificate ONLY for logon then how does XI know what cert to encyrption with?.
2) Should Verisign/Thawte etc CA certs be also installed in STRUST ?
Does that "public" key for encryption need to be placed anywhere (eg STRUST) or will XI just do
3) this when it does the handshake with the external HTTPS site it is posting to ?
4) Also the transaction STRUST may (or may not depending on how the documentation is interpreted) need the installation of some certs into its PSE (Personal Security Environment). But exactly what they mean is a mystery. I have created what I thought was the servers cert but cannot see to create a dev.connector.boc.com named certificate. Perhaps that is not needed.
Here is the help <a href="http://help.sap.com/saphelp_nw70/helpdata/en/e8/1f1041a0f6f16fe10000000a1550b0/frameset.htm">SAPHelp on PI HTTPS Config</a>
5) Also OSS note 510007 it advises to check a number of settings. I have had a look at what I can ..namely via transaction RZ10 and I can see one parameter and should that be changed to include a HTTPS ? .i,e currently it is set to <i>icm/server_port_0 PROT=HTTP,PORT=80$$,PROCTIMEOUT=3600</i>
Hello
As a process you have done well. I suspect the problem could be with " SSL Client Certificate ". Check weather the SSL Client Certificate is Valid version.
Best practice.
Alway when we are communicating with HTTP outbound. It is better to have a STANDALONE ftp location for both SENDER and RECEIVE xml DATA transfter files.
I hope I answered your question. It was nice answering your question. Feel free to reach SDN if you have any questions.
Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.