Skip to Content
-1

HTTPS Without Client Authentication vs HTTPS With Client Authentication at SENDER side

Feb 13, 2017 at 10:11 PM

651

avatar image

Hi,

I need to clear my confusion about different steps related to HTTPS Without Client Authentication and With Client Authentication at Sender side in SAP PI Single Java Stack 7.4:

Prerequisites: Very first I need to enable SSL (Believe it or not, SSL Enabling for your PI 7.31 EHP1(Java only) is a cake walk now) which will also generate root, intermediate and system certificates under Server Identity, Trusted CA.

HTTPS Without Client Authentication at SENDER Side:

1. I need to create Certificate (NWA->Configuration->Security->Certification and Keys) under “service_ssl” key store view, Generate CSR Request and Import CSR Response after CA returns it back.

A step by step to apply Netweaver PI(dual-stack) https service I have ignored ABAP Stack configurations and I hope old key storage view: 'ICM_SSL_<XXX>' is now replaced with 'service_ssl'.

2. I need to send this Server SSL Certificate to SENDER system so that they send our PI system data through SSL.

HTTPS With Client Authentication at SENDER Side:

I need to perform all the above steps and additionally:

3. I have to import Client Certificate under 'Trusted CAs'.

Adding Certificates to PI

4. I have to perform steps as per below document:

Sender SOAP Adapter: HTTPS with Client Authentication

Click on certificate tab, Click on modify and then upload the certificate you have with your partner.

Certificate Installed.PNG

Here I am uploading the Certificate provided by SENDER system. Am I correct?

Please let me know if my understanding is correct.

Regards,

Nayan.

10 |10000 characters needed characters left characters exceeded

Anyone wants to add anything else?

Thanks,

Nayan.

0
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Karthik Bangera Feb 14, 2017 at 07:52 AM
0

Hi Nayan,

Yes, you are right, you need to upload the Partner's public certificate under Certificates tab for that particular service user.

Regards,

Karthik

Show 2 Share
10 |10000 characters needed characters left characters exceeded

Thanks Karthik. Can you please also confirm my understandings about other Steps (Prerequisites, Step 1,2,3).

Regards,

Nayan.

0

Yes Nayan, these steps (1,2,3) are correct.

Regards,

Karthik

0