on 11-12-2021 12:24 AM
Hi,
When I make a GET or POST http request from an .xsjs service in aN on-premise HANA server to a SAP internal web domain I get the error (hiding information from hosts) :
HttpClient.request: request failed: unable to establish connection to <hostdomain>:443 - IPcon: connection to host <hostdomain>:443 failed!; $REASON$=ssl: internal error
description = "host description";
host = "hostdomain";
port = 443;
pathPrefix = "/";
proxyType = none;
proxyHost = "proxy";
proxyPort = 8080;
authType = none;
useSSL = true;
timeout = -1;
sslHostCheck = false;
sslAuth = client;
I created a trust store for this host in XS admin tool and added all certificates available in the domain and even downloaded SAP Cloud Root CA from http://www.pki.co.sap.com/
This is how my trust store looks like
This is my configuration of destination
when I select certificate actions PUT CA Response on the trust store of each certificate I get:
I cannot access the server from command line. I can only use web ide and sap/hana/xs/admin.
I can successfully call the destination from node.js using the following lines of code :
var Request = require("request");
var XML2js = require("xml2js");
var sslRootCAs = require("ssl-root-cas");
sslRootCAs
.inject()
.addFile("/SAP Cloud Root CA.crt")
.addFile("/SAP Global Root CA (1).crt")
.addFile("/SAPNetCA_G2 (5).crt");
fs = require("fs");
Request.post(
{
headers: {
"Content-Type": "application/json",
},
url: "https://<HOSTDOMAIN>",
},
(error, response, body) => {
if (error) {
return console.dir(error);
}
console.log(response.body);
}
);
<br>
When I run the openssl command on my windows computer to check the chain of certificates I only get the certificate 0.
openssl s_client -connect <hostdomain>:443 -servername <hostdomain>
And as far as I understand, it means that my destination server doesn't send the intermediate certificates. That is why I add them to the files in node.js. But I'm not able to access from my hana server and I need to access from it
I would really appreciate if someone can help me
¿Does anyone know how to correctly configure the trust store from hana xs admin tool?
User | Count |
---|---|
83 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.