Skip to Content
Former Member
Apr 30, 2009 at 08:20 PM

SOAP Adapter with Security Levels - HTTP & HTTPS


We have a successfully working interface scenario where SAP XI is hosting a web service and the partner systems calling it using SOAP Adapter URL http://host:port/XISOAPAdapter/MessageServlet?channel=:service:channel with Security Level HTTP on the SOAP Sender Communication channel.

Going forward, for other similar interfaces (SAP XI hosting Web Service and partner systems calling it), we would like to use HTTPS and/or certificates.

If we enable HTTPS on XI J2EE server as per the guide How to configure the [SAP J2EE Engine for using SSL - Notes - PDF|]....

can partner systems still use the URL http://host:port/XISOAPAdapter/MessageServlet?channel=:service:channel or should they switch to https://host:port/XISOAPAdapter/MessageServlet?channel=:service:channel?

can we continue to have the existing interface working using HTTP Security Level i.e. partners not having to send the certificate with each message?

If we use HTTPS security level, is it mandatory for the partner system need to send the certificate? Is it possible to have an HTTPS scenario w/o certificates?

What is the difference between Security Levels 'HTTPS Without Client Authentication' & 'HTTPS with Client Authentication'?

I appreciate your inputs on this.

thx in adv


PS: We are currently on SAP PI 7.0 SP17