Skip to Content
Former Member
Feb 13, 2017 at 10:11 PM

HTTPS Without Client Authentication vs HTTPS With Client Authentication at SENDER side

2910 Views Last edit Feb 13, 2017 at 10:23 PM 3 rev


I need to clear my confusion about different steps related to HTTPS Without Client Authentication and With Client Authentication at Sender side in SAP PI Single Java Stack 7.4:

Prerequisites: Very first I need to enable SSL (Believe it or not, SSL Enabling for your PI 7.31 EHP1(Java only) is a cake walk now) which will also generate root, intermediate and system certificates under Server Identity, Trusted CA.

HTTPS Without Client Authentication at SENDER Side:

1. I need to create Certificate (NWA->Configuration->Security->Certification and Keys) under “service_ssl” key store view, Generate CSR Request and Import CSR Response after CA returns it back.

A step by step to apply Netweaver PI(dual-stack) https service I have ignored ABAP Stack configurations and I hope old key storage view: 'ICM_SSL_<XXX>' is now replaced with 'service_ssl'.

2. I need to send this Server SSL Certificate to SENDER system so that they send our PI system data through SSL.

HTTPS With Client Authentication at SENDER Side:

I need to perform all the above steps and additionally:

3. I have to import Client Certificate under 'Trusted CAs'.

Adding Certificates to PI

4. I have to perform steps as per below document:

Sender SOAP Adapter: HTTPS with Client Authentication

Click on certificate tab, Click on modify and then upload the certificate you have with your partner.

Certificate Installed.PNG

Here I am uploading the Certificate provided by SENDER system. Am I correct?

Please let me know if my understanding is correct.