Skip to Content

SCPI -> C4C: 401 Error using Client Certificate based Authentication

Dear experts,

we are facing the following authorization issue for a connection from SAP Cloud Platform Integration to C4C:

The CPI-Keystore already contains a key pair with alias "hcicertificate" - owner SAP. Intention was to use this key pair for certificate-based client authentication. Steps done so far:

  1. SOAP receiver channel configured to use "Client Certificate" authentication, alias set to "hcicertifcate"
  2. Inbound Communication Arrangement in C4C configured for certificate-based client authentication as well.
  3. Export of hcicertificate and import into communication arrangement
  4. Communication arrangement reactivated and CPI-integration flow deployed again

When sending a test message from CPI to C4C there is a authenitcation error returened:

org.apache.cxf.interceptor.Fault: Could not send Message., cause: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with xxxxxxx

Any other ideas what is causing this or if there is anything missing?

Thank you very much!

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Sep 04, 2017 at 02:56 PM

    Did you solve this? Having a similar problem right now.

    Add comment
    10|10000 characters needed characters exceeded

    • Sharad Dixit Florian Guppenberger

      Hi Florian,

      It's strange if you are getting 401 with steps given by you. Have you already created the incident for this issue?
      Also, can you try again without giving any value in alias?


  • avatar image
    Former Member
    Feb 28, 2018 at 04:21 AM


    Apart from above mentioned steps, also add HCI Keypair in C4C ( ADMINISTRATOR-->COMMON TASKS--> Edit Certificate Trust List). The HCI Keypair contain complete chain of certificate which should also be maintained in C4C.

    Add comment
    10|10000 characters needed characters exceeded