cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue while setting up Enteerprise Messaging with Onpremise

Go to solution
Vijay
Active Contributor

on ‎12-10-2019 10:26 AM

0 Kudos

I have been trying to set up Enterprise Messsaging service with on-premise folloing this blog from pspaolo here https://blogs.sap.com/2019/09/16/sap-enterprise-messaging-for-s4hana-on-premises/ .

I am trying this out in my SCP trial account. Competed following steps:

=> Created instance for Even Messagig service in CF

=> Generated Service Key and have got the client ID, Client secret and token endpoint.

=> Created role with Admin role templates and added to the backend user.

=>Uploaded certifictes in STRUST

=> Created RFC Destination and using the proxy details also to bypass firewall -

But connection test is failing.

When i do the test connection , a popup appears to pass on the credentials. I tried with my SCP credetials , but it fails with 401 unauthorized error.

Not ,sure whats wrong...Any clue??

=> Did the OAuth 2.0 Account setup as shown below (again maintained the proxy details here also)

=> Did the channel and paramers setup

When I am trying to activate the Channel it also fails with below error.

If anyone could please help me to resolve these issues .

Appreciate your help with this.

Thanks

Vijay

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Tobias_Griebe
Advisor
Advisor
‎12-11-2019 10:29 AM
0 Kudos

Hi Vijay,

as stated in the documentation: export ALL the certificates from the certificates path. There are 3 certificates in total that you need to import into STRUST. After importing and saving, please don't forget to restart the ICM.

Also please have a look which PSE file is bing used to do the SSL handshake, so we can check if the certificates have been imported in the correct PSE.

Regards,
Tobias

Show replies
Show replies
Vijay
Active Contributor
‎12-12-2019 6:46 AM
0 Kudos

Thanks a lot Tobias for your wonderfullsupport.

After Uploading all the 3 certificates it still didn't work, then i added the certificates to the Anonymous PSE also (were added to Satandard earlier) and now it worked. I am able to test Channel connection successfully.

Thanks again Tobias!

Viajy

Answers (1)

Answers (1)

Tobias_Griebe
Advisor
Advisor
‎12-10-2019 10:39 AM
0 Kudos

Hi Vijay,

The 401 error when testing the RFC destination is normal. You can't logon with your SCP credentials as this needs an OAuth token. But with that you already know that the endpoint is reachable from your on-prem system.

Can you check in the ICM trace (TA: /nSMICM) if there are any errors listed when you trigger the communication check for the Channel? You might need to increase the log level.

Regards,
Tobias

Show replies
Show replies
Vijay
Active Contributor
‎12-10-2019 5:12 PM
0 Kudos

Thanks Tobias for your respose.

So, i assume my RFC destination is all good..

For Channel Communication test, i looked at the ICM trace and i can see the STRUST certificate verification failiure error.

*** ERROR => SSL handshake with p376567trial.authentication.eu10.hana.ondemand.com:443 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102)

I am not sure why as i have already uploaded the certificate in STRUST.

here is the Certificate i have uploaded in STRUST.

Thanks

Vijay

Ask a Question