Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Showing results for 
Search instead for 
Did you mean: 
ricardo_m117
Explorer
If you have been working with B2B with BTP Cloud Integration, you surely have come across the scenario where you need to test your iFlows configured with Client Certificate Authentication. if you need to test your AS2 inbound iFlow fast and easy you can use soapUI and get that testing underway. Below you will find a quick tutorial on how to set soapUI to call your AS2 endpoint.

Assumptions:

  • You have created and deployed an iFlow using AS2 Sender Adapter.


Example:




  • You have credentials with a valid role to execute iFlow's in the BTP Cloud Integration tenant.

  • You have a private key in ".pfx" or ".p12" format.


Step 1: Create a new REST project in soapUI
Input: AS2 Endpoint from your deployed iFlow


Step 2: Create the mandatory AS2 headers

  • mime-version: 1.0

  • as2-version: 1.2

  • subject: soapUImsg <-- You need to use the same value as configured in your iFlow as Message Subject

  • ediint-features: multiple-attachments, CEM

  • as2-from: soapUIasPartner <-- You need to use the same value as configured in your iFlow as Partner AS2 ID

  • content-disposition: attachment; filename="your_file_name_HERE.txt"

  • message-id: provide a unique ID

  • as2-to: myCompanyID <-- You need to use the same value as configured in your iFlow as Own AS2 ID

  • disposition-notification-to: URL in case of MDN

  • from: Email address associated with Partner

  • content-type: Application/EDI-X12



Step 3: Change the Method to POST, the Media Type to "text/xml" and add content in the body


Step 4: Add credentials to the request.

Scenario A) Basic Authentication > Navigate to Auth> Add new authorization > Basic > Type in credentials from service key

Scenario B) Client Certificate Authentication or TLS Mutual Authentication


In the Navigator panel, select the project folder and access the "Project View" by right click and select the option "Show Project View"


Select the "WS-Security Configuration" tab > then select the "Keystore" tab

Click on the green + button and browse for the private key with the ".pfx" extension.



Note: For the demo, I will use S-User SAP Passport. IMPORTANT: I have previously configured an instance on the BTP cockpit and created a corresponding service key.



Close the "Project View" and in the request properties pane select the keystore from the drop-down in SSL Keystore


Important Note that in Trial accounts no SAP key pair is provisioned. Because of this client certificate-based inbound authentication cannot be used. You can only use basic authentication with clientid and clientsecret generated in the service key.

 

Step 5: Submit Request

Scenario A) Click on the Play button. Navigate to Monitor Message Processing



Review Headers


Scenario B) Click on submit the request.


MDN response will be provided as a response if the disposition-notification-to header was provided.


soapUI Request - Response


Navigate to Monitor Message Processing > Select Message > Review Headers


Compare the "SapAuthenticatedUserName' header value with the client-id value from the service key.


Validate Payload


Here is an actual EDI file with MDN



MDN Attachment


Now you can test your EDI inbound scenarios and even set test cases using soapUI.

Happy testing 🖖🏻

 
2 Comments
Labels in this area