on 03-02-2018 9:44 AM
Recently we’ve received information about certificates update.
Our scenario is 2) Outbound Communication to External Systems.
We have integration between C4C and CRM through HCI and all C4C Outbound web services are currently using SSL Client Authorization.
Judging from the above article we need to extract SSL Client Certificate and update every iFlow which is consuming C4C Outbound interface.
An unclear part is SAPPassportCA.der – root certificate. Should we install this into HCI key store or somewhere else?
Dear Olegs Veliks,
Yes you are right, you need to import new SAP Passport CA into your HCI Keystore, and then download the new M-User certificate from C4C system(Either from Outbound Communication Arrangement OR Administrator>>Communication Certificates>>Download Tenant Certificate) and upload into your IFlows(Sender channel).
Make sure to map this M-User certificate to HCI User.
Regards,
Shivanand B H
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks a lot for reply.
My question was only related to C4C Outbound flows. For some reason I cannot see any certificate in Administrator - Communication Certificates. So the only way I can get it is Communication Arrangement.
Can you please clarify why to map M-User certificate to HCI User? Where to do this? In HCI Manage Certificate-to-User Mappings? Currently we do not have any entry there, but still are able to use certificate based auth.
Dear Olegs Veliks,
You should be able to see a button "Download Tenant Certificate" under Administrator>>Communication Certificates. If you are unable to see this button, then you can raise an incident to SAP, and in the meantime you can download it from the arrangement.
M-User certificate is the one which download with these steps, and this is used in HCI IFlow sender channel. However considering there will be many IFlows so uploading the certificate to every one of them may be time consuming, hence the short cut would be assign this certificate to an user in HCI(Manage Certificate-to-User Mappings), and use that user id in every IFlow. This may save you lot of time.
For this to work, you need to use "User Role" authentication mode in HCI Sender Channel, and in Externalized Parameters, provide the HCI Artifact name.
Regards,
Shivanand B H
Hi,
I applied the new SAP passport root CA to the HCI keystore, however all my integration scenarios from C4C to HCI fail with "401 - unauthorized" since today. I also checked the M-certificate from C4C, this did not change, it is still the same than half a year ago or so. Any idea what the issue here might be?
Regards,
Dennis
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.