In this blog I would like to discuss how to configure Java based HTTP adapter (HTTP_AAE) receiver communication channel configuration by using HTTPS URL.
Business requirement: Currently we are using SAP PI 7.31 Java only system, we need to send the data to customer by using java based HTTP (HTTP_AAE) adapter with HTTPS URL.
To use the HTTPS url we need to activate SSL and apply HTTPS certificate
Generate SSL:
Lo-gin to NWA->Configuration->Security->Certification and Keys
Image may be NSFW.
Clik here to view.
Select “Service_ssl” key store view then click on Create button
Image may be NSFW.
Clik here to view.
Provide the Entry name, Algorithm, Key length and valid date details and click on Next
Image may be NSFW.
Clik here to view.
Provide the details then click on Finish.
Image may be NSFW.
Clik here to view.
Download the entry which we created by clicking “Generate CSR Request” button.
Image may be NSFW.
Clik here to view.
Apply the certificate (After download we will send this to certificate authority like VeriSign or mail or ….. then they will add keys and send back to us).
Now we have 2 or 3 certificates (Root, Intermediate [optional, if any 3rd party person is there in the middle then we can get this certificate] and system certificates). Place all the certificate keys in one file [must be in order as Root, Intermediate and System certificate keys] then import the same file to PI server by clicking “Import CSR Response”
Image may be NSFW.
Clik here to view.
Then provide the certificate path
Image may be NSFW.
Clik here to view.
Activate SSL
NWA->Configuration->Security->SSL
Image may be NSFW.
Clik here to view.
Click on Edit then click on Add button in SSL Access points
Give PSE file path (File path is //usr/sap/<SID>/J<Instance_number>/sec)
Note: PSE file generates when we are installing the PI server, this file stores in the above path and this file contains system information.
Image may be NSFW.
Clik here to view.
Now SSL is active.
HTTPS certificate.
This is a separate certificate we need to generate and send to the certificate authority then apply the certificate (same like above process but here we need to apply the root, intermediate and system certificates separately).
Root certificate
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
And next update the Intermediate and system certificates on “Trusted CAs” tab
Image may be NSFW.
Clik here to view.
restart the server.
HTTP_AAE Receiver Communication Channel Configuration
My client provided 2 URLs, one is HTTP URL and the second one is HTTPS URL.
URLs are as follows
- http://tp.uat.AAAAAA.com:5555/invoke/FxPartnerDriverURL.Public/Publish?payloadType=INT-1.0&subject=Order&toOrgID=ZZZZZZZZZZZ
- https://tp.uat.BBBBBB.com:5443/invoke/FxPartnerDriverURL.Public/Publish?payloadType=INT-1.0&subject=Order&toOrgID=YYYYYYYYYY
In receiver HTTP_AAE communication channel with HTTP URL is normal, we just gives the HTTP server and URL details.
HTTPS URL Configuration:
HTTP_AAE communication channel with HTTPS URL
Image may be NSFW.
Clik here to view.
Use SSL: If we select this option means we are using HTTPS URL, if customer wants certificates then we can select certificate checkbox and provide the certificate details.
Let’s go to communication channel monitoring and ping the communication channel (HTTP)
Image may be NSFW.
Clik here to view.
Ping the communication channel in communication channel monitoring (HTTPS).
Image may be NSFW.
Clik here to view.
Conclusion:
I believe this blog would provide better understanding of how to configure the java based HTTP adapter receiver communication channel by using HTTP and HTTPS URLs.
References:
http://help.sap.com/saphelp_nw73ehp1/helpdata/en/6d/c2b39dae45482e90d3352345cbf427/frameset.htm
http://help.sap.com/saphelp_nw73ehp1/helpdata/en/48/cbb493cea80783e10000000a42189d/frameset.htm
http://help.sap.com/saphelp_nw73ehp1/helpdata/en/4a/015cc68d863132e10000000a421937/frameset.htm