on 03-16-2017 7:46 AM
Hi PI Gurus,
I see that this certificate issue has been asked a couple of times. It even has its own SAP Note 2385969.
I have tried all of those though, but we're still getting this error in xpi inspector. The patches are all updated. The client certificate used in the SOAP receiver channel which was issued by the CAs listed in the xpi inspector is trusted by the target server.
We also tried using soapUI and used PI's private client certificate key and the connection was established successfully. It's only failing when we test using xpi inspector and when we're doing the end to end test.
This is the steps we took:
1. Firewalls opened in Target server
2. Target server has provided the public key certificate chain to PI.
3. Basis deployed the whole certificate chain in NWA TrustedCAs
a. This seems to be working already based on the XPI_inspector logs
4. PI generated own certificate chain and it’s in TrustedCAs
a. PI provided the public key to target already
b. also tried using a different view but it still fails
c. Target deployed the certificate already on their side
5. Used the PI's private key in the SOAP channel
6. The SSL Provider service was restarted already
Hi,
I'm sorry for a such childish question, but have you restarted your communication channel?
Regards,
Andrzej
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes the contact from the target said they are sure.
By the way I noticed in the XPI inspector logs for
Verify Local SSL Client Key Pair:
that there is only one certificate even though we have an intermediary and root certs.
Private Key View/Entry: TrustedCAs/cert
Algorithm: RSA
Format:
PKCS#8
Found Certificate chain with 1 elements:
Certificate:
#0Certificate:
#0
SubjectDN: CN:test
IssuerDN: CN=test
User | Count |
---|---|
87 | |
10 | |
9 | |
9 | |
9 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.