on 05-01-2013 3:39 PM
Hello Everyone,
We have to implement a scenario (SOAP -> PI -> RFC) and secure the requests coming on SOAP sender channel. I have created all the artifacts required for the configuration scenario and created the WSDL through Sender Agreement.
For Security I have implemented
When I try to invoke the "https" URL from SOAP UI I get the error
I am able to invoke the "http" URL successfully from SOAP UI, after changing the security level to HTTP in the Sender Channel.
What are the parameters that I need to change in SOAP UI/PI to ensure that the communication happens successfully?
Regards
Thanks Everyone,
One question though,
For the option of "HTTPS without Client Authentication", do I need to export the Public Certificate from the PI box and import it to the Client Machine?
The reason why I am asking this is, I removed the certificate from my local machine and tried to hit the URL (HTTPS) from SOAP UI and I am still able to do so without any problem.
Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Upendra,
please beware of mixing up "HTTPs without client authentication" with trusting the servers certificate.
If you do HTTPS then the client has to trust the servers (your PI's) certificate. If the certificate is self signed you will have to establish trust within client configuration. If you think as soapUI as a client, I think soapUI itself doesn't force trust so it accepts self signed certificates. Other clients however might be more restrictive. Thats when you would need to "export" any certificate from your server and establish trust with your client.
This however has nothing to do with the client authentication itself. Simply put: You can do HTTPS with a username and password. You do this all the time when logging on to some internet sites like your webmail. But you can also do HTTPS with a certificate that identifies yourself (the client) to the server. Think of it like a passport (client certificate) that is issued by a country (your server or a external CA like VeriSign) and allows you to "enter".
To get back to your question:
Upendra Patil wrote:
Thanks Everyone,
One question though,
For the option of "HTTPS without Client Authentication", do I need to export the Public Certificate from the PI box and import it to the Client Machine?
The reason why I am asking this is, I removed the certificate from my local machine and tried to hit the URL (HTTPS) from SOAP UI and I am still able to do so without any problem.
Regards
--> You don't need to export the certificate from PI
--> If communication still works you either have a caching problem, you already specified the username and password for basic authentication (e.g. in soapUI in Tab "Aut") or you deactivated authentication for the whole SOAP adapter but that's unlikely because you would have needed to deep dive into configuration of PI to do this (probably not done accidentally)
HTH
Cheers
Jens
Have you installed the SSL certificate on your local machine??
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Here is what I have done
Selected the profile in the "Aut" tab of SOAP UI while triggering the request.
I am facing the error mentioned above, when I trigger the request.
Regards
I don't think you would need to import the certificate from PI to soapUI. Please check in soapUI if...
HTH
Cheers
Jens
Ok, so you are using fiddler to have some "man in the middle" scenario in order to tamper HTTPS data? If so, I might not be the best person to ask. I always just relied on what I was sending out from fiddler / soapUI is what is coming into SAP PI.
If you actually use soapUI I would suggest deactivating (that is, checking the hooks fiddler is placing in your proxy settings and deactivating them in necessary) fiddler. Then go ahead and try to test with soapUI.
Anyways, there might be some way to start request with soapUI and then tamper data with fiddler, maybe someone else might be of help here 🙂
Cheers
Jens
Apologies, I should have explained better.
I am trying to implement the SSL security "HTTPS with no Client Authentication" option selected in the drop down as shown in the attached figure 1. This is for Sender Channel.
I am getting the error shown in the figure 2.
My question is what steps do I need to follow for the configuration so that scenario works correctly.
REgards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Secure request means? are you using certificates to exchange message processing? if you are using SSL then make sure that everything configured correctly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.