Hi Joeri,

following description sets up a SSL handshake connection between Client and Server.

The client (B1iF) is identifying himself using the trustStoreURI and the server is defined by the keyStoreURI, where the certificate needs to be uploaded.

Did you already upload the file .keystore into B1if BizStore to use it as trustStore?

.keystore has a self-signed certificate of the B1i server and can be found in <B1i-Installation folder>\Tomcat\webapps\B1iXcellerator

To upload the file please use the B1i Control Center -> Maintenance -> BizStore Upload:

• Payload-Type Settings = bpm.pltype=jks
• File-Name = .keystore
• BizStore-URI = /com.sap.b1i.vplatform.directory/Certificates/Tomcat(unified)

Press "Submit" and check the uploaded file via B1i Control Center -> Configuration -> Certificate Admin by selecting the chosen BizStore-URI.

The used alias is "tomcat". The password which is needed to see "Further details" can be found in <B1i-Installation folder>\Tomcat\conf\server.xml.

For your external certificate e.g. *.pfx please use the same method for upload with following Payload-Type Settings: bpm.pltype=pfx.

Now you can use both certificates as keyStore and trustStore by filling following parameters in your xslt payload:

<connect>
<!--the connect section is optional - you can also define a reference to the sld-->
<destProtocol>https</destProtocol>
<destHost>your host</destHost>
<destPort>443</destPort>
<destPath>your path</destPath>
<query></query>
<proxyHost>your webproxy</proxyHost>
<proxyPort>your web proxy port</proxyPort>
<method>POST</method>
<authentification>x509</authentification>
<user>user of your external certificate</user>
<password>password of your external certificate</password>
<user2query></user2query>
<password2query></password2query>
<trustStoreURI> /com.sap.b1i.vplatform.directory/Certificates/Tomcat.jks</trustStoreURI>
<keyStoreURI>/com.sap.b1i.vplatform.directory/Certificates/<externalCertificate>.pfx</keyStoreURI>
</connect>

Best regards

Bastian