on 11-27-2014 3:48 PM
Hi Experts,
After resolving our issue for Anonymous login, we are facing a different issue now. We cannot decrypt the message the customer is sending to us. We have configured the certificates correctly (uploaded both private and public key in NWA, used those for decrypting, etc.) in the Sender Comm Channel. To provide some more background, we have a GoDaddy CA Signed certificate which we use for SSL Client Authentication as well.
The Certificate has the following for the intended purposes:
1. Ensures the identity of a remote computer
2. Proves your identity to a remote computer
3. 2.16.840.1.114413.1.7.23.1
Key Usage is listed as follows: Digital Signature, Key Encipherment (a0)
Subject:
CN = SAP PI Quality Instance domainname
OU = Domain Control Validated
Here is the error we receive in B2B Log and Communication Channel Monitoring:
Error occured while decrypting the AS2-message: Cannot decrypt message: org.bouncycastle.cms.CMSException: key invalid in message
I have confirmed with the partner that they are indeed encrypting the message using the public certificate we provided (which again, used the same for SSL Authentication). I have seen some posts that mention that a new certificate must be generated specifically for data encryption and signature authentication.
We have B2B Add-on SP4 installed on a SAP PI 7.31 Dual Stack.
Any feedback will be appreciated. Do we need to configure something or is this a certificate mismatch?
Regards,
Rommel
Hello Rommel,
You need to check if JCE unlimited policy is installed or not. Please refer SAP Note 1915999
Regards,
Piyush
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
80 | |
9 | |
9 | |
7 | |
7 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.