- SAP Managed Tags:
I want to share my “lessons learned” regarding https-configuration of CTI / Live-Activity
My knowledge is based on following sources:
First advice: Do the initial setup/testing using HTTP. Once this is working, switch to HTTPS.
As mentioned before, my favourite setup-how to is https://archive.sap.com/documents/docs/DOC-61429
Using Microsoft-Internet-Explorer, follow https://archive.sap.com/documents/docs/DOC-61430 . In my case I also had to add localhost to trusted-sites in addition.
Using Google Chrome, https://archive.sap.com/documents/docs/DOC-61611 is still correct. But as shown here this ends in security-warnings
This is a “no-go” from my point of view: …don’t care about this security warning, it’s safe... just ignore & continue…
(Please comment, how you think about this!)
Mainly you have to follow help.sap.com: https://help.sap.com/viewer/cea15f900ca04c4faa35d3044577fe27/1708/en-US/186e3fef763d1014bf40f03714be...
Unfortunately this refers to a deprecated MS-tool named makecert. The new tool is named New-SelfSignedCertificate (according to https://msdn.microsoft.com/en-us/library/windows/desktop/aa386968(v=vs.85).aspx ).
Unfortunately I wasn’t able to transfer the settings to New-SelfsignedCertifacate. Solution in my case: My IT-Webserver-colleague created a webserver-certificate for CN localhost (Thanks Daniel).
So I got a certificate stored in a .pfx-file
This has to be installed as Administrator (doubleclick) and saved to “Local computer” (not current user!).
Now you have to lookup the fingerprint of this certificate: Please start certlm.msc (as administrator) and navigate to “Own certifactes”/ certifcates, details-tab and look for the fingerprint
(sorry for “german” screenshot)
This fingerprint has to be copied to clipboard. Spaces have to be deleted, and it has to be “pure” ASCII.
In my case the fingerprint is b4a7274eb7bcd41a0536353addfd3b3c5aca3948 (your’s will be different)
Now proceed according to help.sap.com with following command (as administrator using cmd)
netsh http add sslcert ipport=0.0.0.0:36731 certhash=b4a7274eb7bcd41a0536353addfd3b3c5aca3948 appid={7e46cd40-39c6-4813-b414-019ad22e55b2}
This will “connect” the certificate with the C4C-Client-Adapter.
Finally check the result: Call up URL https://localhost:36731/CTIMain.htm
It should look like this
Important is, the green lock
and the word “Sicher” = “Secure”.
Everything else means, the certificate isn’t correct yet.
This is hidden inside Scoping (strange, but that’s the way it is):
Now you can test this using the Simulate-button of CTI-Adapter
(I deleted browsercache to be sure)
In my case I struggled according to FAQ topic 4) https://blogs.sap.com/2017/06/06/faqs-related-to-cti-integration-in-sap-hybris-cloud-for-customer/
F12 – Developer-Tools & SAP-Support have been the solution in my case.
Simulate Call works (Live activity is updated) and Webbrowser shows a “Secure” connection.
1) Currently I still struggle with a tiny “warning” regarding unsecure scripts:
(ongoing SAP-incident). Nevertheless it seems not to interfere the functionality. I’ll update this article, once this is fixed.
2) I intend to add another blog-article with details regarding Inbound-CTI-Setup using CISCO Jabber in near future.
3) Please check also my “idea” how to improve Live-Activity https://ideas.sap.com/D43490
My knowledge is based on following sources:
- Basics are described in help.sap.com
https://help.sap.com/viewer/cea15f900ca04c4faa35d3044577fe27/1708/en-US/8ccee879241742fc824eff0bfe7d... - A straight-forward quick-setup can be found in “old” SCN-archive
https://archive.sap.com/documents/docs/DOC-61429 - Some new features in 1702 – but also a lot of basics
https://blogs.sap.com/2017/03/13/whats-new-in-1702-sap-hybris-cloud-for-customer-call-center-integra... - Very recent FAQ:
https://blogs.sap.com/2017/06/06/faqs-related-to-cti-integration-in-sap-hybris-cloud-for-customer/
Some hints regarding http
First advice: Do the initial setup/testing using HTTP. Once this is working, switch to HTTPS.
As mentioned before, my favourite setup-how to is https://archive.sap.com/documents/docs/DOC-61429
Using Microsoft-Internet-Explorer, follow https://archive.sap.com/documents/docs/DOC-61430 . In my case I also had to add localhost to trusted-sites in addition.
Using Google Chrome, https://archive.sap.com/documents/docs/DOC-61611 is still correct. But as shown here this ends in security-warnings
This is a “no-go” from my point of view: …don’t care about this security warning, it’s safe... just ignore & continue…
(Please comment, how you think about this!)
How to switch to https
Preparations for local client
Mainly you have to follow help.sap.com: https://help.sap.com/viewer/cea15f900ca04c4faa35d3044577fe27/1708/en-US/186e3fef763d1014bf40f03714be...
Unfortunately this refers to a deprecated MS-tool named makecert. The new tool is named New-SelfSignedCertificate (according to https://msdn.microsoft.com/en-us/library/windows/desktop/aa386968(v=vs.85).aspx ).
Unfortunately I wasn’t able to transfer the settings to New-SelfsignedCertifacate. Solution in my case: My IT-Webserver-colleague created a webserver-certificate for CN localhost (Thanks Daniel).
So I got a certificate stored in a .pfx-file
This has to be installed as Administrator (doubleclick) and saved to “Local computer” (not current user!).
Now you have to lookup the fingerprint of this certificate: Please start certlm.msc (as administrator) and navigate to “Own certifactes”/ certifcates, details-tab and look for the fingerprint
(sorry for “german” screenshot)
This fingerprint has to be copied to clipboard. Spaces have to be deleted, and it has to be “pure” ASCII.
In my case the fingerprint is b4a7274eb7bcd41a0536353addfd3b3c5aca3948 (your’s will be different)
Now proceed according to help.sap.com with following command (as administrator using cmd)
netsh http add sslcert ipport=0.0.0.0:36731 certhash=b4a7274eb7bcd41a0536353addfd3b3c5aca3948 appid={7e46cd40-39c6-4813-b414-019ad22e55b2}
This will “connect” the certificate with the C4C-Client-Adapter.
Finally check the result: Call up URL https://localhost:36731/CTIMain.htm
It should look like this
Important is, the green lock
and the word “Sicher” = “Secure”.Everything else means, the certificate isn’t correct yet.
Check/Change C4C-Liveactivity to use https
This is hidden inside Scoping (strange, but that’s the way it is):
Test it
Now you can test this using the Simulate-button of CTI-Adapter
(I deleted browsercache to be sure)
In my case I struggled according to FAQ topic 4) https://blogs.sap.com/2017/06/06/faqs-related-to-cti-integration-in-sap-hybris-cloud-for-customer/
F12 – Developer-Tools & SAP-Support have been the solution in my case.
Final Result
Simulate Call works (Live activity is updated) and Webbrowser shows a “Secure” connection.
FYI:
1) Currently I still struggle with a tiny “warning” regarding unsecure scripts:
(ongoing SAP-incident). Nevertheless it seems not to interfere the functionality. I’ll update this article, once this is fixed.
2) I intend to add another blog-article with details regarding Inbound-CTI-Setup using CISCO Jabber in near future.
3) Please check also my “idea” how to improve Live-Activity https://ideas.sap.com/D43490
1 Comment
| User | Count |
|---|---|
| 15 | |
| 3 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
