Skip to Content

SAP PI integration with Salesforce : do I need a certificate?

Hi to all,

I am trying to made my first integration flow with the Salesforce system just to get back the sessionId and the url where to submit my future request but I am facing this error:

com.sap.aii.mapping.lookup.LookupException: Exception during processing the payload. Error when calling an adapter by using the communication channel CC_SOAP_TEST_CONNECTION (Party: , Service: BS_VEEVA_DEV, Object ID: 6b493826b23a350a8862e992e805addf) XI AF API call failed. Module exception: 'com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. Cause Exception: 'iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. com.sap.aii.mapping.lookup.LookupException: Error when calling an adapter by using the communication channel CC_SOAP_TEST_CONNECTION (Party: , Service: BS_VEEVA_DEV, Object ID: 6b493826b23a350a8862e992e805addf) XI AF API call failed. Module exception: 'com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'. Cause Exception: 'iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier'.


I was following this tutorial and it doesn't speaks about any certificate:

https://archive.sap.com/kmuuid2/50a76cfa-4966-2d10-aba7-da496d9b5bcf/Salesforce.com%20Integration%20Using%20SAP%20PI%3A%20A%20Case%20Study

Do I need to use a certificate provided me from Salesforce? Where I can download it? Then I have to use it in my chanel specifing it in this section?

Thanks and regards,

Antonello

cattura.jpg (43.6 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • Sep 12, 2017 at 01:29 PM

    In the channel did you disable the configure certificate option?

    Add comment
    10|10000 characters needed characters exceeded

  • Sep 12, 2017 at 08:06 AM

    Hi Antonello,

    • You can browser the URL which you using in channel from browser and download the certificates from that or else you can run the XPI Inspector on this channel and get the certificates from there too.
    • Once you have those certificates install inthem in TrustedCA's view.
    • No need to configure anything in the channel as channel reads the complete TrustedCA's for server authentication.

    Thanks,

    Manoj

    Add comment
    10|10000 characters needed characters exceeded

  • Sep 14, 2017 at 08:36 AM

    Ok guys, SAP PI is always weird ;) I created a new channel and now it works but I have a last problem, I have to search how to skip it, TLS 1.0 is to much low to login into Salesforce, this is the last response of the API, suggestions?

    <?xml version="1.0" encoding="UTF-8"?>
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sf="urn:fault.enterprise.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    	<soapenv:Body>
    		<soapenv:Fault>
    			<faultcode>sf:UNSUPPORTED_CLIENT</faultcode>
    			<faultstring>UNSUPPORTED_CLIENT: TLS 1.0 has been disabled in this organization. Please use TLS 1.1 or higher when connecting to Salesforce using https.</faultstring>
    			<detail>
    				<sf:UnexpectedErrorFault xsi:type="sf:UnexpectedErrorFault">
    					<sf:exceptionCode>UNSUPPORTED_CLIENT</sf:exceptionCode>
    					<sf:exceptionMessage>TLS 1.0 has been disabled in this organization. Please use TLS 1.1 or higher when connecting to Salesforce using https.</sf:exceptionMessage>
    					<sf:upgradeURL>https://cs83.salesforce.com/secur/weakhttps.jsp?l=1</sf:upgradeURL>
    					<sf:upgradeMessage>Stronger security is required</sf:upgradeMessage>
    				</sf:UnexpectedErrorFault>
    			</detail>
    		</soapenv:Fault>
    	</soapenv:Body>
    </soapenv:Envelope>
    
    Add comment
    10|10000 characters needed characters exceeded

  • Sep 14, 2017 at 08:47 AM

    Ok, I found the solution. I need to apply a note: 2344735 - PI: Salesforce error with TLS 1.0.

    Add comment
    10|10000 characters needed characters exceeded