Skip to Content

Issue connecting SAP ECC and HCI to trigger IDOC

Hi Experts,

I followed the below mentioned blog and configured in my system. I am getting error in ECC as Status 02(Problem with SOAP class).

https://blogs.sap.com/2016/08/09/hci-hcp-is-idoc-adapter-deciphered-part-1-trigger-idoc-from-sap-to-hcc-using-basic-authentication/comment-page-1/#comment-364584

Also, I cannot see any logs in HCI and no messages in Message Monitoring in HCI.

In RFC destination, when testing the connection getting the below status –

In the IDoc Sender Channel we have the below screen. Do we need to enter any user credentials(deployed artifacts?)

Not sure what is the issue, and what I am missing.

Please help.

Thanks,

Nidhi Srivastava

ddd.jpg (7.7 kB)
jj.jpg (14.6 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

8 Answers

  • Best Answer
    Feb 24, 2017 at 10:35 AM

    Hi Nidhi,
    yes, this does not seems to be the account you addressing.
    Also as i see on the first screenshot about the SSL handshake you are using this url: hcisbp.ap1.hana.ondemand.com -> so your HCI account is in the APJ data center. Please try to search for your HCI account here:

    https://account.ap1.hana.ondemand.com/cockpit#/welcome/overview

    Best Regards,
    Viktor

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Victor,

      Thanks for your response.

      Got the account is valid for Australia and the user is already having the mentioned role.

      All the settings seems to be correct, still getting Status 02 when triggering IDoc from ECC system.

      Please suggest, if you think something is missing.

      Thanks,

      Nidhi Srivastava

      ssssssss.jpg (36.7 kB)
      ssasa.jpg (87.8 kB)
  • Feb 23, 2017 at 02:28 PM

    Hi Nidhi

    A couple of things to check:

    • Has the HCI certificate been imported into STRUST on the ECC side?
    • Has SSL been activated in the SM59 destination, and is it using the PSE that the certificate was actually imported into?
    • Is the HTTPS ICM service running on the ECC side? (check in tcode SMICM => Goto => Services)
    • Does the user provided in SM59 have the ESBMessaging.send role? You can check this in the HCP cockpit.

    Regards,

    Morten

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Nidhi

      Regarding PSE, this just means the folder, you imported the certificate into in STRUST, must match the folder selected in SM59, when activating SSL.

      Regarding how to assign the ESBMessaging.send role, proceed as follows in the HCP cockpit: Choose Security from the "hamburger" menu => Authorizations => Users => Enter your user => Assign => Choose the IFLMAP application => Choose role ESBMessaging.send => Save.

      Regards,

      Morten

  • Feb 24, 2017 at 08:50 AM

    Hi Nidhi,

    based on the screenshots it seems that the SSL connection is ok.
    But as i see you are going to assign the role for the API management account, and not for the HCI account.
    The choosen account needs to be your iflmap node. Please also read this note:


    https://launchpad.support.sap.com/#/notes/2384252
    https://launchpad.support.sap.com/#/notes/2354728

    Best Regards,
    Viktor

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 24, 2017 at 09:12 AM

    Hi Morten/Victor,

    Thanks for your response.

    I am unable to get the IFLMAP node in the application.

    Choose Security from the "hamburger" menu => Authorizations => Users => Enter your user => Assign => Choose the IFLMAP application => Choose role ESBMessaging.send => Save.

    Do I need to check or enable some other options to get the IFLMAP option.

    Thanks,

    Nidhi

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 24, 2017 at 09:37 AM

    Hi Nidhi,
    can you tr to switch between the accounts you have in HCP Cockpit? At the top of the screen you see "Europe" -> "SAP API Management" -> here you should be able to switch to the other HCI account.
    Best Regards,
    Viktor

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Victor,

      I tried with other location but I don't have access for other locations. I think I have access for Europe location only.

      And the overview tab is having only API Mgt Screen.

      Below are the details of the HCI tenant; Order Details which we are having:

      SAP HANA Cloud Integration, ( Hana Cloud Integration Developer Edition, 8003341 )
      Account: Partner Development

      Not sure if I am looking wrong window.

      Please suggest.

      Thanks,

      Nidhi Srivastava

      xasa4.jpg (17.3 kB)
  • Feb 24, 2017 at 02:03 PM

    Hi Nidhi,
    cool, it is great that you could find the correct account.
    Regarding to the error: could you please share some further details? Screenshots, ICM traces, every other details what you can see in the sender system...
    Best Regards,
    Viktor

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 01, 2017 at 10:07 AM

    Hi Nidhi,


    according to this error it seems that the SSL handshake to the p1015 HCI tenant is failing.
    But at the very first screenshot you showed a successfull SSL handshake in the RFC destination.
    So either in the meantime something was changed and now the SSL handshake is failing, or you are not using the same RFC destination in the IDOC port to transmit the data to HCI.
    So please check:
    - if the target HCI host is correct in the RFC destiantion, and the connection test is successfull about the SSL handshake
    - if you are using this RFC destination in the port you are using in WE21 transaction.

    Best Regards,
    Viktor

    ,

    Hi Nidhi,

    according to this error it seems that the SSL handshake to the p1015 HCI tenant is failing.
    But at the very first screenshot you showed a successfull SSL handshake in the RFC destination.
    So either in the meantime something was changed and now the SSL handshake is failing, or you are not using the same RFC destination in the IDOC port to transmit the data to HCI.
    So please check:
    - if the target HCI host is correct in the RFC destiantion, and the connection test is successfull about the SSL handshake
    - if you are using this RFC destination in the port you are using in WE21 transaction.

    Best Regards,
    Viktor

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Victor,

      The first screenshot shows some SSL Handshake, but I don't think it is positive handshake.It is just showing SSL handshake with this hci....

      When trying to trigger IDoc, it get stuck in Status 02. After checking with basis team, we got to know that ECC certificate is self signed and not CA Authorized.Will this matter?

      Is there any pre-requisite related to certificates CA authorization while connecting to HCI?

      Please suggest.

      Thanks,

      Nidhi Srivastava

  • Mar 10, 2017 at 09:02 AM

    Issue Resolved. Certificate needs to be taken from the endpoint URL instead of the Home Page URL.

    Thanks,
    Nidhi Srivastava

    Add comment
    10|10000 characters needed characters exceeded