cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Destination - 500 Internal Server ERROR

natalymoros
Explorer

on ‎2023 Mar 23 5:16 PM

0 Kudos
1,340

Hello everyone,

We are currently making a call through a destination that had always worked but today it goes to 500 Internal Server Error.

we have not changed anything in the code and in the destination.

The call from CAP without going through the Destination using the same certificate works.

Is anyone else having a similar problem?

SAP is doing any maintenance?

Thanks!

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

Ivan-Mirisola
Product and Topic Expert
Product and Topic Expert
‎2023 Mar 23 8:22 PM

Hi nataly_alejandra_moros_guerra29,

When you use the Client Certificate Authentication (Destination's Authentication Type) - it is assumed that you will provide a certificate chain which contains a subject that identifies a person. However, I see from the screenshot that you have the "Use the default JKS truststore" enabled - which most certainly will not contain any such certificates. I find it odd that you have that enabled and at the same time you have entries for your own keystore. Anyway, you should use either one or the other - not both at the same time.

On the other hand, the NodeJS code provided sends out a certificate, but it also send out an authentication object containing username and password. Could it be that the certificates sent are not in fact being used for authentication at all? I suppose they are not identifying a person, but rather a server. And that the username and password is what is making this code work - but I might be wrong, as it seems your destination has some weird settings.

Also, I would recommend you to migrate your code to BTP Cloud SDK format - which encapsulates all of the authentication process for you. Thus, making it simpler to read. Fix the JKS Trust Store setting and make sure all relevant certificates are in place. Once that is done, it would be as simple as running the following code:

const { getDestination } = require('@sap-cloud-sdk/connectivity');
const { execute } = require('@sap-cloud-sdk/http-client');

const poDest = await getDestination({
      destinationName: 'POIntegration',
      useCache: true
    });

const response = await executeHttpRequest(poDest);

Refer to the Cloud SDK for documentation:

https://sap.github.io/cloud-sdk/docs/js/features/connectivity/destinations#referencing-destinations-...

Don't forget that a person's certificate (a.k.a. Client Certificate [in opposition to server certificate]) is usually signed by an intermediate certificate authority (CA). And that intermediate certiticate is also signed by a root CA. Therefore, the JKS must contain the full certification chain (root + intermediate + client) in order to work as expected.

Best regards,
Ivan

Show replies
Show replies
amontella96
Active Contributor
‎2023 Mar 23 9:23 PM
0 Kudos

Hi nataly_alejandra_moros_guerra29,

ivan.mirisola 's answer looks good to me... but http 500 error is not a failure of handshake so my answer is something has changed in the POIntegration, like yesterday we were expecting field1/2/3 and today we expect field1/2/3/4 , if you know what i mean

lastly, is it me or in the CAP call you use https while in the BTP destination you use http? i like this topic, i hope you keep it awake 🙂

cheers!A

Show replies
Show replies
Ask a Question