on 12-10-2010 4:45 PM
Hi All,
I have a requirement where i am using Soap Adapter to make an https connection. I looked at sdn and found below link at last comment saying that its possible. Can some one provide me some guidance how to configure these modules.
I tried configuring the soap adapter but communication channel throws error saying
"Message processing failed. Cause: com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier"
While there is no certictae provided to us.
Can some one please guide or suggest me the steps.
Thanks
-Kulwant
Kulwant,
PI is complaining about the certificate from the https server.
If you try to open the URL you have configured in the comm channel through your browser, it'll probably show some kind of "bad certificate" message.
On your browser, it's possible to get the server certificate from the lock icon on the status bar. Open the server certificate, go to the certificate chain (last tab) and go to the uppermost certificate in the chain. That is the root CA certificate that is not trusted by PI. Open that root CA Certificate and save the file locally (should be a .cer file, if asked, chosse Base64 format).
Then load the .cer file into the TrustedCAs view of the Key Store service in the Visual Administrator of PI.
Now the IAIK should stop complaining about this certificate.
Best regards,
Henrique.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
You only need to download the chain of certificates when you have an end certificate that has a chain of two or three certs
e.g when you double-click the end certificate and go to the certification path
Verisign Class 3 Primary CA (Root CA)
\----> Verisign Class 3 Secure Server CA (Intermediate CA)
\ ----> domain.com (end certificate)
you will see that there are three certs, now, to complete the chain, you also need to extract the intermediate and root ca.
example: to extract the intermediate CA
1. Go to certification path
2. Click the intermediate CA
3. Click view certificate
4. Go to details
5. And click copy to file (make sure that there are in the same exported format as your end certificate)
Hope this helps,
Mark
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.