cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Error in SOAP receiver channel

Former Member

on ‎07-13-2010 8:53 AM

0 Kudos

I am using the SOAP adapter to send a message via HTTPS. The receiver server only accepts client authorisation, so I configured the communication channel accordingly: I imported the certificate in NWA keystore (PI 7.1) and selected "Configure Client Authentication" on the communication channel.

However, when I try and send a message to the receiving service, the following error shows up in the communication channel monitoring:

Delivering the message to the application using connection SOAP_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: bad certificate. Setting message to status failed.

When I import the used certificate in my browser and try to connect via my browser to the receiving soap service, I get a response indicating the the webservice has been reached OK.

I pulled some more details out of the JAVA logging:

additional info ssl_debug(10): Starting handshake (iSaSiLk 4.1)...

ssl_debug(10): Sending v3 client_hello message, requesting version 3.2...

ssl_debug(10): Received v3 server_hello handshake message.

ssl_debug(10): Server selected SSL version 3.1.

ssl_debug(10): Server created new session 34:18:00:00:22:73:B0:4E...

ssl_debug(10): CipherSuite selected by server: TLS_RSA_WITH_AES_256_CBC_SHA

ssl_debug(10): CompressionMethod selected by server: NULL

ssl_debug(10): Received certificate handshake message with server certificate.

ssl_debug(10): Server sent a 1024 bit RSA certificate, chain has 3 elements.

ssl_debug(10): ChainVerifier: Found a trusted certificate, returning true

ssl_debug(10): Received certificate_request handshake message.

ssl_debug(10): Accepted certificate types: RSA

ssl_debug(10): Accepted certificate authorities:

...

ssl_debug(10): Received server_hello_done handshake message.

ssl_debug(10): Sending certificate handshake message with RSA client certificate...

ssl_debug(10): Sending client_key_exchange handshake message (1024 bit)...

ssl_debug(10): Sending certificate_verify handshake message...

ssl_debug(10): Sending change_cipher_spec message...

ssl_debug(10): Sending finished message...

ssl_debug(10): Received alert message: Alert Fatal: bad certificate

ssl_debug(10): SSLException while handshaking: Peer sent alert: Alert Fatal: bad certificate

ssl_debug(10): Shutting down SSL layer...

What might cause these errors?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎07-26-2010 9:20 AM
0 Kudos

Problem solved. The error was in the response of the server.

PI uses SSL v3.2, the server SSL v3.1. This is ok: SSL v3.1 will be used in this case, but the server responded by error with SSL v3.2. Hence the communication was broken.

Show replies
Show replies
former_member188791
Participant
‎11-26-2015 10:37 AM
0 Kudos

Hi Iddo,

I am also facing the same issue, could you please let me know how you solved this.

Ask a Question