on 07-08-2018 10:53 AM
Hi SolArchs and SAPExperts,
Is there a golden blueprint to connect SAP Cloud Platform Mobile Service DevOps (incl. Consumer Edition) to On-Premise SAP HANA 2.0 Express edition?
Let's take a following scenario:
1/ There is a MTA Application exposing its API via XSOData. It's developed and running on SAP HANA 2.0 Express edition XSA host. No Java, no ABAP in stack, only Node, CDS and OData.
2/ There is a Native iOS Mobile Application definition exposing its API to SAP Cloud Platform SDK for iOS Xcode Application.
3/ We need to establish a destination API from Native iOS Mobile app on SCP Mobile [2] to a MTA app on HANA Express host [1].
The issue I face:
1/ Destination from Native iOS Mobile app on SCP Mobile [2] to SAP HANA Developer Trial database (on HANA 1.0 Neo environment) works perfectly in full development & test scenario.
2/ My attempts to create a Destination from Native iOS Mobile app on SCP Mobile [2] to Internet enabled XSOData services from MTA app on HANA Express host [1] were fail with ping errors and raised hard exceptions from Native iOS app.
3/ The only solution I found from official documentation is to install SAP Cloud Connector into the On-Primise HANA Express network and connect SCP Mobile app via it. Not so brilliant from the TCO PoW as it's require separate (better two or four for failover) host machine, brings redundant (in my case, sometimes it's required) tunneling into landscape over HTTPS public channel.
Your global experience and guidance would be much appreciated.
Thanks,
Valery
Hi Valery,
From what I could understand you are trying to consume a HXE exposed service via an Internet Destination. However, the destination service is not able to load the xsodata because it is not trusting the SSL handshake being provided by your HXE box. The following error is clear to me:
unable to find valid certification path to requested target
You should either add all CA Root certificates being provided by your HXE box in the SCP. Under the destination there is a flag called "Use default JDK truststore". Uncheck it and you will be able to upload a certificate there. If can also upload a custom trust store (jks) and then you should provide its password (useful when the certification path can root and intermediate certificates).
You can do this also using the neo command line tool. The blog is a bit old, but it should still work for a destination used by Mobile Services.
Best regards,
Ivan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.