SOAP Receiver - UsernameToken

Former Member
0 Kudos

Hi,

The PI system is PI 7.1 EHP1 SP4. I need to consume a third-party web service. The WS is using Web Service Security with UsernameToken and Timestamp properties. The example consumer programs are written with Apache Axis 2, but PI uses Apache Axis 1.4.

I have prepared the Axis provider lib and deployed it to the PI system. The Axis adapter test page told me the Axis adapter is ready with all mandatory and optional libraries. At this point, what should I do for UsernameToken and Timestamp?

Kind regards,

Altuğ Bayram

Accepted Solutions (0)

Answers (1)

stefan_grube
Active Contributor
0 Kudos

See SAP Note 1039369 for an example.

Former Member
0 Kudos

Hi,

The FAQ note is very complex. I found an SDN blog which explains it very simply: /people/pravesh.puria/blog/2009/08/26/adding-usernametoken-timestamp-in-soap-adapter-using-axis-framework You could have a problem seeing the pictures because of a wrong certificate issue. You should open one of the pictures in another browser and accept the certificate.

Anyway, I applied the blog but got the error below.

Axis: error in invocation: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How can I import the server certificate to the PI or Java stack?

Kind regards,

Altuğ Bayram

stefan_grube
Active Contributor
0 Kudos

When you download the attached zip in the note and extract it, you will find images.

Look at log_mod.png

Former Member
0 Kudos

Hi Stefan,

I don't understand how the log_mod.png image will help me. It is about having a special log file.

Kind regards,

Altuğ Bayram

stefan_grube
Active Contributor
0 Kudos

Ignore the log and concentrate on wssec

See also wssec_ut_modules.png

Former Member
0 Kudos

Hi Stefan

I arranged them as below and it gave me "Axis: error in invocation: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" error.

What is missing?

Kind regards,

Altuğ Bayram

1 AF_Adapters/axis/AFAdapterBean Local Enterprise Bean afreq

2 AF_Adapters/axis/HandlerBean Local Enterprise Bean xireq

3 AF_Adapters/axis/HandlerBean Local Enterprise Bean wssec

4 AF_Adapters/axis/HandlerBean Local Enterprise Bean trp

5 AF_Adapters/axis/HandlerBean Local Enterprise Bean xires

6 AF_Adapters/axis/AFAdapterBean Local Enterprise Bean afres

trp handler.type java:com.sap.aii.adapter.axis.ra.transport.http.HTTPSender

trp module.pivot true

wssec action UsernameToken Timestamp

wssec handler.type java:com.sap.aii.adapter.axis.ra.handlers.security.WSDoAllSender

wssec passwordType PasswordDigest

wssec pwd.password yyyyyyyyyy

wssec user xxxxxxxxx

xireq handler.type java:com.sap.aii.axis.xi.XI30OutboundHandler

xires handler.type java:com.sap.aii.axis.xi.XI30OutboundHandler

stefan_grube
Active Contributor
0 Kudos

Try:

wssec passwordType PasswordText

See this page for reference:

http://ws.apache.org/wss4j/package.html

Former Member
0 Kudos

Hi Stefan,

I tried but it didn't help. I also tried other parameters because it was advised by the third-party WS provider.

trp handler.type java:com.sap.aii.adapter.axis.ra.transport.http.HTTPSender

trp module.pivot true

wssec action UsernameToken Timestamp

wssec addUTElement Nonce Created

wssec handler.type java:com.sap.aii.adapter.axis.ra.handlers.security.WSDoAllSender

wssec password xxxxxxxxx

wssec passwordCallbackClass com.sap.aii.axis.security.DefaultPasswordCallbackHandler

wssec passwordType PasswordDigest

wssec pwd xxxxxxxxx

wssec pwd.password xxxxxxxxx

wssec user baskentedas

xireq handler.type java:com.sap.aii.axis.xi.XI30OutboundHandler

xires handler.type java:com.sap.aii.axis.xi.XI30OutboundHandler

I am getting "<SAP:AdditionalText>com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.lang.IllegalArgumentException: pwd == null but a password is needed</SAP:AdditionalText> " error.

But when I checked the message content in RWB I couldn't find any wsse:Security SOAP header. The WS provider told us the example SOAP message should have a SOAP header as below:

"<wsse:Security soapenv:mustUnderstand="true">"

"<wsu:Timestamp wsu:Id="Timestamp-27789929">"

Former Member
0 Kudos

Hi Altuğ,

> I tried but it didn't help. I also tried other parameters because it was advised by the third-party WS provider.

When someone tells you to do something without any explanation, it is wise not to blindly follow the advice.

As you can see in the error text, your original problem had something to do with the transport-level security, SSL.

You should make sure that your SSL connection is working (I suppose you intended to use SSL).

After fixing your SSL issue, revert the handler/module configuration. You had been misled to change the configuration for no reason. Your latest error "pwd == null" says you have the broken parameter "pwd". "pwd" is the prefix to hide the password text in the configuration UI, so you can't just use it as a parameter as it is.

And also get rid of the passwordCallbackClass parameter.

If you want to test the module/handler configuration, I suggest you send a message to some plain HTTP port so that you can verify the message is correctly transmitted. RWB can only display a message at the messaging system and not at an adapter, so there is no point in using it.

Regards, Yza

stefan_grube
Active Contributor
0 Kudos

> But when I checked the message content in RWB I couldn't find any wsse:Security SOAP header. The WS provider told us the example SOAP message should have a SOAP header as below

Use TCPGateway to check the real SOAP message:

/people/stefan.grube/blog/2007/03/29/troubleshooting-soap-http-and-mail-adapter-scenarios-with-tcpgateway

Check also the resources on Axis:

http://ws.apache.org/wss4j/package.html

Former Member
0 Kudos

Hi Yza,

Thanks for the advice. I resolved the issue myself yesterday, but the advice from the third-party WS provider was explained. It was a lack of knowledge of how to use them.

First, I detected that SAP JVM 1.5 doesn't have GlobalSign as a trusted certificate issuer. I found the InstallCert Java source code on the internet, generated a keystore for GlobalSign, and deployed it to the PI SAP JVM. That solved the certificate issue.

Second, I removed passwordCallbackClass etc. but left "addUTElement" as it is. But this time I got an error that says soapaction wasn't in the SOAP header. When I set soapaction in the ReceiverChannel, I could consume the WS and get the response.

Thanks and Kind regards,

Altuğ Bayram
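
Added example, not part of the thread or of SAP's or Axis's code: what a `wsse:Security` header with a PasswordDigest UsernameToken (Nonce, Created) and a Timestamp contains, and how a receiver would check one captured from a plain HTTP test port. The digest formula is the one in the OASIS UsernameToken Profile; the function names, the sample user and password, and the second-resolution timestamp format are assumptions made for the example.

```python
import base64, hashlib, hmac, os
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from xml.sax.saxutils import escape

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DIGEST = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
FMT = "%Y-%m-%dT%H:%M:%SZ"  # assumption: no fractional seconds in Created/Expires

def password_digest(nonce: bytes, created: str, password: str) -> str:
    # OASIS UsernameToken Profile: Base64(SHA-1(nonce + created + password))
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def build_header(user, password, now, nonce=None, ttl=300):
    """Header a sender emits for action 'UsernameToken Timestamp' with PasswordDigest."""
    nonce = nonce or os.urandom(16)
    created = now.strftime(FMT)
    expires = (now + timedelta(seconds=ttl)).strftime(FMT)
    return (f'<wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}">'
            f'<wsu:Timestamp><wsu:Created>{created}</wsu:Created>'
            f'<wsu:Expires>{expires}</wsu:Expires></wsu:Timestamp>'
            f'<wsse:UsernameToken><wsse:Username>{escape(user)}</wsse:Username>'
            f'<wsse:Password Type="{DIGEST}">'
            f'{password_digest(nonce, created, password)}</wsse:Password>'
            f'<wsse:Nonce>{base64.b64encode(nonce).decode()}</wsse:Nonce>'
            f'<wsu:Created>{created}</wsu:Created></wsse:UsernameToken></wsse:Security>')

def check_header(xml_text, passwords, now, seen_nonces):
    """Return 'ok' or the reason a receiver would reject a captured header."""
    ns = {"wsse": WSSE, "wsu": WSU}
    sec = ET.fromstring(xml_text)
    get = lambda path: sec.findtext(path, namespaces=ns)
    user, digest = get("wsse:UsernameToken/wsse:Username"), get("wsse:UsernameToken/wsse:Password")
    nonce, created = get("wsse:UsernameToken/wsse:Nonce"), get("wsse:UsernameToken/wsu:Created")
    expires = get("wsu:Timestamp/wsu:Expires")
    if None in (user, digest, nonce, created, expires):
        return "missing element"          # e.g. the security handler added nothing
    if now > datetime.strptime(expires, FMT).replace(tzinfo=timezone.utc):
        return "timestamp expired"
    if nonce in seen_nonces:
        return "nonce replayed"           # same token seen twice
    known = passwords.get(user)
    expected = password_digest(base64.b64decode(nonce), created, known or "")
    if known is None or not hmac.compare_digest(expected.encode(), digest.encode()):
        return "digest mismatch"
    seen_nonces.add(nonce)
    return "ok"
```

`check_header` expects the `wsse:Security` element itself, so extract it from the SOAP envelope's header before passing it in.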