cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP PI integration with Salesforce : do I need a certificate?

former_member450012
Explorer

on ‎09-12-2017 8:54 AM

0 Kudos

Hi to all,

I am trying to made my first integration flow with the Salesforce system just to get back the sessionId and the url where to submit my future request but I am facing this error:

com.sap.aii.mapping.lookup.LookupException: Exception during processing the payload. Error when calling an adapter by using the communication channel CC_SOAP_TEST_CONNECTION (Party: , Service: BS_VEEVA_DEV, Object ID: 6b493826b23a350a8862e992e805addf) XI AF API call failed. Module exception: 'com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. Cause Exception: 'iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. com.sap.aii.mapping.lookup.LookupException: Error when calling an adapter by using the communication channel CC_SOAP_TEST_CONNECTION (Party: , Service: BS_VEEVA_DEV, Object ID: 6b493826b23a350a8862e992e805addf) XI AF API call failed. Module exception: 'com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. Cause Exception: 'iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'.


I was following this tutorial and it doesn't speaks about any certificate:

https://archive.sap.com/kmuuid2/50a76cfa-4966-2d10-aba7-da496d9b5bcf/Salesforce.com%20Integration%20...

Do I need to use a certificate provided me from Salesforce? Where I can download it? Then I have to use it in my chanel specifing it in this section?

Thanks and regards,

Antonello

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

former_member186851
Active Contributor
‎09-12-2017 2:29 PM

In the channel did you disable the configure certificate option?

Show replies
Show replies
former_member450012
Explorer
‎09-12-2017 2:37 PM
0 Kudos

Hi Raghuraman,

yes I did !! As you can see below:

former_member186851
Active Contributor
‎09-12-2017 3:05 PM
0 Kudos

Looks interesting,When ping is succesfull dono why its failing in runtime.

Can you try stop/starting the channel or re-configuring the channel.

former_member450012
Explorer
‎09-12-2017 3:22 PM
0 Kudos

Ok, I tried another way now. I created a new one SOAP channel and now the calls works but the result it's an error:

XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: No operation available for request {urn:enterprise.soap.sforce.com}login


The channel is configured right, as you can see above, in the message before, with the login action. This is the complete trace of the test mapping i attachment ... I used **** for user and password to cover my credentials ...trace.txt

former_member186851
Active Contributor
‎09-12-2017 3:59 PM
0 Kudos

Check the Soap action and also get the payload from monitoring ,test in SOAP UI.

former_member450012
Explorer
‎09-12-2017 4:36 PM
0 Kudos

I am not using sxi_monitor now it's only a test message in ESB.

former_member186851
Active Contributor
‎09-13-2017 8:46 AM
0 Kudos

Get the XML after mapping and test it in UI, Could be something wrong in payload as well.

former_member450012
Explorer
‎09-13-2017 9:46 AM
0 Kudos

I tried changing many things but nothig, this is the udf that is used:

AbstractTrace trace = container.getTrace();


String sessionId = "";
String url="";


// addInfo("String");
trace.addWarning("**************** START TRACE ***************");


try {


	Channel channel = LookupService.getChannel("BS_VEEVA_DEV","CC_SOAP_LOGIN_SALESFORCE");
    trace.addWarning("**************** CHANNEL *************** " + channel);
    SystemAccessor accessor = null;
    accessor = LookupService.getSystemAccessor(channel);
    trace.addWarning("**************** ACCESSOR *************** " + accessor);
    String loginxml = "<login xmlns=\"urn:enterprise.soap.sforce.com\"><username>" +
        username +
        "</username><password>" +
        password +
        "</password></login>";
    trace.addWarning("**************** LOGIN XML *************** " + loginxml);
    InputStream inputStream = new ByteArrayInputStream(loginxml.getBytes());
    trace.addWarning("**************** INPUT STREAM *************** " + inputStream);
    Payload payload = LookupService.getXmlPayload(inputStream);
    trace.addWarning("**************** PAYLOAD *************** " + payload);
    Payload soapOutPayload = null;
    soapOutPayload = accessor.call(payload);
    trace.addWarning("**************** SOAP OUTPAYLOAD *************** " + soapOutPayload);
	trace.addWarning("********************************************************************");
	trace.addWarning("Send soap Request --> " + payload);
	trace.addWarning("********************************************************************");
    trace.addWarning("Return soap response --> " + soapOutPayload.toString());
	trace.addWarning("********************************************************************");
    InputStream inp = soapOutPayload.getContent();


    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document document = builder.parse(inp);


    NodeList sessionId1 = document.getElementsByTagName("sessionId");
    Node node = sessionId1.item(0);


    if (node != null) {
        node = node.getFirstChild();
        if (node != null) {
            sessionId = node.getNodeValue();
        }
    }
    
    //Code to set Dynamic url
    NodeList urlnodelist = document.getElementsByTagName("serverUrl");
    Node urlnode = urlnodelist.item(0);


    if (urlnode != null) {
        urlnode = urlnode.getFirstChild();
        if (urlnode != null) {
            url = urlnode.getNodeValue();
        }
    }
    //Get the dynamic configuration from the container
    DynamicConfiguration conf = (DynamicConfiguration) container.getTransformationParameters().get(StreamTransformationConstants.DYNAMIC_CONFIGURATION);
    //Create the TServerLocation key in namespace http://sap.com/xi/XI/System/SOAP. This key will hold the dynamically created URL
    DynamicConfigurationKey key = DynamicConfigurationKey.create("http://sap.com/xi/XI/System/SOAP", "TServerLocation");


    //Put the url value from the input in the configuration under the specified key
    conf.put(key, url);


    
} catch (Exception e) {
    trace.addDebugMessage(e.toString());
    e.printStackTrace();
}


return sessionId;

And this is the error in the trace, I don't now where to see the payload of the message, in the SOAP channel i don't see it and in the SalesForce system I don't know If I can see it and where:

10:41:00 Start of test
Document start
 
**************** START TRACE ***************
 
**************** CHANNEL *************** CC_SOAP_LOGIN_SALESFORCE (Party: , Service: BS_VEEVA_DEV, Object ID: 4c64998ce9d339dbbf7bc163332f4303)
 
**************** ACCESSOR *************** com.sap.aii.mapping.lookup.SystemAccessor@20e9f4aa
 
**************** LOGIN XML *************** <login xmlns="urn:enterprise.soap.sforce.com"><username>******</username><password>****</password></login>
 
**************** INPUT STREAM *************** java.io.ByteArrayInputStream@5fbdd5c7
 
**************** PAYLOAD *************** com.sap.aii.mapping.lookup.XmlPayload@281e2cec
com.sap.aii.mapping.lookup.LookupException: Exception during processing the payload. Error when calling an adapter by using the communication channel CC_SOAP_LOGIN_SALESFORCE (Party: , Service: BS_VEEVA_DEV, Object ID: 4c64998ce9d339dbbf7bc163332f4303) XI AF API call failed. Module exception: 'SOAP adapter processing error'. Cause Exception: 'SOAP: response message contains an error XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: No operation available for request {urn:enterprise.soap.sforce.com}login'.


 com.sap.aii.mapping.lookup.LookupException: Error when calling an adapter by using the communication channel CC_SOAP_LOGIN_SALESFORCE (Party: , Service: BS_VEEVA_DEV, Object ID: 4c64998ce9d339dbbf7bc163332f4303) XI AF API call failed. Module exception: 'SOAP adapter processing error'. Cause Exception: 'SOAP: response message contains an error XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: No operation available for request {urn:enterprise.soap.sforce.com}login'.
former_member186851
Active Contributor
‎09-13-2017 12:33 PM
0 Kudos

Is new channel configured-CC_SOAP_LOGIN_SALESFORCE?

If not please change the UDF as per the new channel and test it.

former_member450012
Explorer
‎09-13-2017 1:59 PM
0 Kudos

What? I have to create a new one channel and test with it?

manoj_khavatkopp
Active Contributor
‎09-12-2017 9:06 AM

Hi Antonello,

  • You can browser the URL which you using in channel from browser and download the certificates from that or else you can run the XPI Inspector on this channel and get the certificates from there too.
  • Once you have those certificates install inthem in TrustedCA's view.
  • No need to configure anything in the channel as channel reads the complete TrustedCA's for server authentication.

Thanks,

Manoj

Show replies
Show replies
former_member450012
Explorer
‎09-12-2017 9:35 AM
0 Kudos

Hi Manoj,

i didn't know this tool, I'll try to use it and then i will be back to you if I have problems 😉 thanks for now ..

manoj_khavatkopp
Active Contributor
‎09-12-2017 9:47 AM

You may refer this blog for XPI_Inspector

former_member450012
Explorer
‎09-12-2017 10:01 AM
0 Kudos

thanks so much ... I'll try to download the certificate before to use XPI inspector ..

former_member450012
Explorer
‎09-12-2017 2:11 PM
0 Kudos

Ok, i download it and install it as the blog say it and the ping on the SOAP now it's green, before it was red!!

Anyway, if I use the test in the mapping I have the same error like before:

com.sap.aii.mapping.lookup.LookupException: Exception during processing the payload. Error when calling an adapter by using the communication channel CC_SOAP_TEST_CONNECTION (Party: , Service: BS_VEEVA_DEV, Object ID: 6b493826b23a350a8862e992e805addf) XI AF API call failed. Module exception: 'com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. Cause Exception: 'iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. com.sap.aii.mapping.lookup.LookupException: Error when calling an adapter by using the communication channel CC_SOAP_TEST_CONNECTION (Party: , Service: BS_VEEVA_DEV, Object ID: 6b493826b23a350a8862e992e805addf) XI AF API call failed. Module exception: 'com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. Cause Exception: 'iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'.


Some idea?

manoj_khavatkopp
Active Contributor
‎09-12-2017 4:46 PM
0 Kudos

Hi,

Are you sure this is a valid API which you are calling : https://test.salesforce.com/services/soap/u/40.0

Thanks,

Manoj

former_member450012
Explorer
‎09-12-2017 4:55 PM
0 Kudos

I already change it, as you can see the screen above 😉 now is with the c letter but I received the same error :

XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: No operation available for request {urn:enterprise.soap.sforce.com}login

manoj_khavatkopp
Active Contributor
‎09-14-2017 6:28 AM
0 Kudos

i would suggest you to test with soap ui once that gives u hint where u r going wr

former_member450012
Explorer
‎09-14-2017 9:47 AM
0 Kudos

Ok, I found the solution. I need to apply a note: 2344735 - PI: Salesforce error with TLS 1.0.

Show replies
Show replies
former_member450012
Explorer
‎09-14-2017 9:36 AM
0 Kudos

Ok guys, SAP PI is always weird 😉 I created a new channel and now it works but I have a last problem, I have to search how to skip it, TLS 1.0 is to much low to login into Salesforce, this is the last response of the API, suggestions?

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sf="urn:fault.enterprise.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<soapenv:Body>
		<soapenv:Fault>
			<faultcode>sf:UNSUPPORTED_CLIENT</faultcode>
			<faultstring>UNSUPPORTED_CLIENT: TLS 1.0 has been disabled in this organization. Please use TLS 1.1 or higher when connecting to Salesforce using https.</faultstring>
			<detail>
				<sf:UnexpectedErrorFault xsi:type="sf:UnexpectedErrorFault">
					<sf:exceptionCode>UNSUPPORTED_CLIENT</sf:exceptionCode>
					<sf:exceptionMessage>TLS 1.0 has been disabled in this organization. Please use TLS 1.1 or higher when connecting to Salesforce using https.</sf:exceptionMessage>
					<sf:upgradeURL>https://cs83.salesforce.com/secur/weakhttps.jsp?l=1</sf:upgradeURL>
					<sf:upgradeMessage>Stronger security is required</sf:upgradeMessage>
				</sf:UnexpectedErrorFault>
			</detail>
		</soapenv:Fault>
	</soapenv:Body>
</soapenv:Envelope>
Show replies
Show replies
Ask a Question