Skip to Content
avatar image
Former Member

C4C to CRM integration using HCI Certificate-based Authentication - 403 Forbidden

Hi Experts,

In reference from the discussion in this link (Quick Guide on using Certificates for Integrating C4C and ECC using HCI), we need suggestions on why we're getting 403-Forbidden error, what steps did we miss for our communication from C4C to CRM using HCI. 

We already imported the necessary certificates in the iFlows/SSL Server/Client PSEs signed by Entrust (which is one of the supported CAs and our communication from CRM to C4C certificate-based authentication configuration is working fine) for HCI. We also mapped the HCI client certificate to the CRM user that we created (CODINTEG). Service IDOC is also registered and activated (SICF and SRTIDOC).

Below are the roles assigned to the user CODINTEG, and the mapping of HCI client certificate in SM30 and also the certificates imported in our SSL Server PSE. Just a note that we're not using SAP webdispatcher as a reverse proxy here for our C4C to CRM connection.

Thanks in advance.



Roles.jpg (103.4 kB)
SM30.jpg (77.4 kB)
SSLServerPSE.jpg (109.7 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Apr 23, 2015 at 07:22 AM

    Hello Rajiv,

    for test purpose and for eliminating error reasosns caused by user authorization rights you could assign first SAP_ALL to your communication user. If this works, you should reduce the rights again to a minimum...

    Goto SU01 and edit the user CODINTEG. Goto Tab Profiles and within F4 help tab "Composite Profiles" search for SAP_ALL.

    Best regards,


    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Pragya Pande

      Hi Pragya,

      1. Yes, there is, CRM inbound communication is working fine when using basic authentication.

      2. No, this certificate is only mapped to one user.

      3. We'll check on this.