Skip to Content
Former Member
Oct 02, 2008 at 02:02 AM

HTTPS message with RSA and SHA1.



I have the following situation.

I have developed an integration scenario in SAP PI 7.0, where I'm using an inbound ABAP Proxy to perform a HTTPS POST to an external application. The company which developed the external application gave us a client certificate, which uses RSA and SHA1. So we loaded it to the standard client PSE using transaction STRUST (we have SAPCRYPTOLIB installed), and used this PSE in a RFC destination, which we use to perform de HTTPS POST to the external application in the ABAP Proxy.

Everything was working fine until the certificate reached its expiration date, so we loaded the new certificate provided by the external company (which also uses RSA and SHA1) to the same PSE. After that the HTTPS communication is still working, but the external application sends a response message indicating that it doesn't understand our message.

We tried deleting de PSEs and creating them again, and then loading the certificate again, but the result is the same. If we test a message without the certificate the response from the external application is OK.

Could it be possible that the new certificate is different than the older (something different with the RSA and SHA1 algorithms), and our SAPCRYPTOLIB installation doesn't support it?

In ICM trace I see the following message:

Current Cipher: SSL_RSA_WITH_RC4_128_SHA

Is this OK?

Can someone help me with this issue?

Thanks in advance.