on 2015 Mar 03 5:39 AM
Hi Experts,
We are integrating C4C and CRM using HCI certificate-based authentication. We have performed all the necessary configurations in HCI (iFlow setup to use certificate based, certificates imported in keystore), C4C, and CRM-onprem (SSL setup, imported/exported the needed certificates both in SSL Server and Client PSEs) for certificate-based authentication but we're still facing 403-Forbidden error, both for C4C to CRM and CRM to C4C message flows.
For CRM to C4C, we try to do a connection test in SM59 and we already set to not use user logon but the below window still prompts.
Proving the S-USER authorized in HCI tenant, same error we get 403-Forbidden. We're thinking that the above window should not show if we set the logon procedure to use certificate, please advice what other configurations should we set in CRM on-premise side.
Thanks in advance.
Regards,
Rajiv
Dear All,
Kindly note that the pop up come due SSL error, but HCI provide second option to connect when you test the connection from SM 59 from External system(ERP/CRM).
Kindly add Source Client certificate in iFlow and provide the this certificate to HCI operation team to add in HCI key store. (By creating CFC incident or OSS message component for OSS message is LOD-HCI-PI-OPS )
Adding to the above point, add HCI client certificate in External System key store/ Web dispatcher (If applicable).
By doing this SSL handshake will work correctly which will help in connecting your External System (ERP/CRM) to HCI system.
Regards,
Praveen
SAP Cloud Product suppport
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
In addition, now I just tested again, the ping reached HCI already but I'm not sure if it used the certificate as I was asked with a logon user, where I used the SUSER authorized in our HCI tenant.
Furthermore, for Inbound communication using the service IDOC, is the following configuration correct?
Regards,
Rajiv
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Rajiv,
Please refer the below screenshots specifying the configurations maintained in ECC.
From SM59:
Maintained above is the name of folder structure where all the relevant certificates are imported into STRUST. Also check if you ain't missing any certificates. (Global Root Certificates, CyberTrust certificates, HCI relevant Baltimore and other vertificates)
Kindly verify if you following same.
Hope this helps.
Regards,
Chandan
Hello Rajiv,
I am not the basis expert nor do I have access to any system right now but looking at your issue, I think you need to mention the Folder name from STRUST where you have added the certificate where you have mentioned as Certificate based authorization in SM59.
Hope I do make atleast some sense to you.
Regards,
Chandan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
27 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.