Skip to Content
1
Aug 27, 2023 at 06:47 PM

#SCPI : why CPI Load balancer certificate in sender system required?

191 Views

Hi Experts,

I have a scenario where 3rd party system sends the data to SAP CPI and SAP CPI returns the response back.

For inbound HTTP certificate-based connection, its is mentioned in the SAP blogs to install CPI root certificate in senders keystore so that load balancer certificates will be trusted.

Cloud Integration on CF – How to Setup Secure HTTP Inbound Connection with Client Certificates | SAP Blogs

image.png

My question is why sender has to trust the load balancer root certificate? Here sender is sending the data to SAP CPI and SAP CPI load balancer will check the sender's signed certificate (CA supported by LB) So, LB only checks sender CA signed certificate then why sender has to trust the load balancer certificate? where it will be verified and in which step?


Client Certificate Based Authentication for HTTPS/IDOC Inbound Connection in SAP CPI | SAP Blogs

image.png

Please clarify my doubts.

Attachments

image.png (35.6 kB)
image.png (34.3 kB)