on 11-21-2013 7:27 AM
Dear Team,
Currently our central SLD is PI system and we have to to configure the SLD data supplier in the ECC system to send the data from ECC to PI.
Recently we have changed ECC system & PI system from http to https.
In ECC system in the Visual Admin , if i use the SLD data supplier parameters as http port (5XX00) I am successfull.
But , when i use https (5XX01) I am failing with the below error.
I could see the ECC system /SYS/global/sld/model/ cimsap.1_4_31 is the version which is displayed.
But in the PI system the CIM Model version is 1.6.21 (SAP_CR 7.5).
Can you please advise how this issue can be fixed.
Note: If we use http port SLD is working fine , but only the above issue we are facing when we configure the port of https.
regards,
Manoj
Dear Rishi,
Thanks for the info.
I do not see any keytool under the path were you have mentioned, we are using SAP JVM 5 not 6.
and also in the SYS/profile/ there is no jstart folder.
Our ECC also dual stack. we are maitaining the ssl certificate in ABAP & JAVA as well. Let me know if the ssl certificate has to be maitained only in the ABAP system?
Do you see any reason why we have to maitain the the mapping in table USREXTID?
Best regards,
Manoj K
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear All,
The issue is resolved by self.
I have Exported the PI ABAP SSL Server Standard certificate(in our case SLD is PI system - 7.11) using the transaction strust and imported in to the ECC ( in our environment ECC 6.0 Ehp4 is dual stack system) system in the JavaStack via visual admin in to TrustedCAs.
After doing the above step, from ECC system, SLD Data Supplier is able to send the data to PI system using the HTTPS port.
Regards,
Manoj K
Dear All,
Yes, we enabled the SSL/HTTPS for PI system. and below parameter has been set as follows.
And I could launch the below url successfully.
https://sap PI server name : 5XX01/
telnet hostname httpsportnumber also accepts the connections from both the system PI & ECC.
Please advise.
regards,
Manoj K
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Just thinking that if SSL is activated then do we need to install the certs to help them work.
Please check the below comments in the below note.
1538985 - SLD Configuration for SAP Convergent Charging
Using SLD over the HTTP Secure protocol
When it comes to using a System Landscape Directory accepting HTTPS requests instead of regular HTTP, the Java Virtual Machine of each Convergent Charging instance must be aware of the SLD's SSL certificate.
For this operation, you need to use the "keytool" utility which is provided with your Java Runtime Environment. You can find it in the folder of the SAP JVM:
The following types of instances are affected: dispatchers, BART, Diameter and Communications Taxing.
For each of them, please follow the procedure below:
keytool -import -keystore < keystore>.ks -alias <alias> -storepass <passwd> -file <sld_cert>.der -noprompt
-Djavax.net.ssl.trustStore=< keystore>.ks -Djavax.net.ssl.trustStorePassword=<passwd>
Can also used the below note.
766215 - HTTPS with the SLD ABAP programming interface
Also check if you are affected by this.
1307307 - SLD ACCESS - considering https port while getting serverPort
1526498 - SLD Registration: application doesn't support HTTPS
Thanks
Rishi Abrol
Hi,
Have you activated HTTPS in the PI system .
First of all what is the PI version.
Second thing just simply run the url.
https://sap PI server name : 5XX01/
And see if this comes up.
If is not opening then means that 5XX01 or https is not set. If you tell me the release i can send you the url to set https port.
If it is set that i would suggest you to do telnet sappi hostname 5XX01 and see if it can access the port from ECC server.
Thanks
Rishi abrol
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Manoj,
Refer to note 1309239 - Configuration Wizard: PI NetWeaver initial setup q.16.
Question 16: Does the PI NetWeaver Initial Setup configure SSL/HTTPS?
Answer: No. Your AS Java system must first be configured to support HTTPS/SSL. After that Exchange Profile property
has to be set. For further information access the SAP Library:
Release 7.10:
http://help.sap.com/saphelp_nwpi71/helpdata/en/e8/1f1041a0f6f16fe10000000a1550b0/frameset.htm
Release 7.11:
http://help.sap.com/saphelp_nwpi711/helpdata/en/48/a9bb457e28674be10000000a421937/frameset.htm
Release 7.30
http://help.sap.com/saphelp_nw73/helpdata/en/48/a9bb457e28674be10000000a421937/frameset.htm
BR,
K.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
94 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.