Skip to Content

SCPI -> C4C: 401 Error using Client Certificate based Authentication

Aug 22, 2017 at 12:22 PM


avatar image

Dear experts,

we are facing the following authorization issue for a connection from SAP Cloud Platform Integration to C4C:

The CPI-Keystore already contains a key pair with alias "hcicertificate" - owner SAP. Intention was to use this key pair for certificate-based client authentication. Steps done so far:

  1. SOAP receiver channel configured to use "Client Certificate" authentication, alias set to "hcicertifcate"
  2. Inbound Communication Arrangement in C4C configured for certificate-based client authentication as well.
  3. Export of hcicertificate and import into communication arrangement
  4. Communication arrangement reactivated and CPI-integration flow deployed again

When sending a test message from CPI to C4C there is a authenitcation error returened:

org.apache.cxf.interceptor.Fault: Could not send Message., cause: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with xxxxxxx

Any other ideas what is causing this or if there is anything missing?

Thank you very much!

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Jens Schwendemann Sep 04, 2017 at 02:56 PM

Did you solve this? Having a similar problem right now.

Show 2 Share
10 |10000 characters needed characters left characters exceeded


unfortunately no resolution for this issue so far. I have temporarily switched back to basic authentication, but need to come up with a solution before the developments are moved to prod.

Florian Guppenberger

Hi Florian,

It's strange if you are getting 401 with steps given by you. Have you already created the incident for this issue?
Also, can you try again without giving any value in alias?


avatar image
Former Member
Feb 28 at 04:21 AM


Apart from above mentioned steps, also add HCI Keypair in C4C ( ADMINISTRATOR-->COMMON TASKS--> Edit Certificate Trust List). The HCI Keypair contain complete chain of certificate which should also be maintained in C4C.

10 |10000 characters needed characters left characters exceeded