cancel
Showing results for 
Search instead for 
Did you mean: 

Getting error while posting data to C4C

0 Kudos
712

Hi Experts,

we are having issue while sending the data from SAP PO to C4C. in the SOAP channel, it says 'failed to call the endpoint', I have attached the screenshot of error in message log.

We checked the xpi logs of channel which says that handshake was completed and then throws the exception 'socket already closed'. i have attached the screenshot of trace as well.

any leads are appreciated.

Thanks,

View Entire Topic
JaySchwendemann
Active Contributor
0 Kudos

Couple of thoughts / questions

  1. Try to get a look at the C4C side as well (Administrator --> Web Service Message Monitoring). Maybe start A2X Trace, while you're at it
  2. How to you authenticate? Basic Auth? Client Certificate? Other?
  3. Try to even beef up XPI logging by increasing JCO Trace level and include payload
  4. Try other tools for directly (without PI) sending to C4C like Postman or soapUI. They may (or may not) give you more insights on what has gone wrong

Cheers

Jens

0 Kudos

hi Jens,

1. we do not get anything in C4C in web service monitoring. it is asynchronous, so i guess, A2X won't help.

2. it is basic authentication with HTTPS.

3. I tried with jco traces and payload, no luck.

4. it seems to work from soapUI once i follow this blog otherwise i get HTTP 500.

https://blogs.sap.com/2018/07/23/dealing-with-invisible-soap-errors-in-c4c/

JaySchwendemann
Active Contributor
0 Kudos

Ok, then I would tap more into the "works with soapUI once" direction.

The fact that it is working (once) is a good sign. It may very well not work again because as it is asynchronous might imply the QoS is EO (not sure though). So if you have some Identifier in your request (like a GUID) that might need to change from first to subsequent requests.

Besides that it smells a little like an TLS or cipher suite problem?

  1. *.crm.ondemand.com only allows TLS 1.1 and 1.2


  2. Do you have any other interfaces (PI (HTTPS) --> C4C) that are already running (may it be synchronous or asynchronous

  3. Which version of PI are you on? Single or Double (Dual Usage) Stack?

  4. Are you positive that you trust (nwa/key-storage --> TrustedCAs) the C4C server certificate?

  5. Have you tried XPIs SSL Example (11) like https://blogs.sap.com/2015/12/10/using-xpi-inspector-to-troubleshoot-http-ssl-connections/. This should up the ante on SSL Debugging level (hopefully)

  6. On a second look I see in your trace file that you are using a proxy. Is it the same proxy (and the same proxy user) you are using when testing from your client with soapUI? Maybe not C4C is shutting down, but the proxy. You may want to look into this, too

Cheers

Jens

0 Kudos

Hi Jens,

1. yes,C4C allows only TLS 1.1 and 1.2, so we enabled TLS 1.1 in SAP PO. it was throwing exception on 1.2.

2. No, it is a new SAP PO box.

3. It is single stack, 7.5

4. Yes, traces would suggest that,chain verifier returns true saying trusted certificate was found or it doesnt mean that?

5. we were having ssl issues earlier and followed the blog you mentioned to rectify those.

6. We dont have proxy, we are using SOAP with HTTPS. we are not using proxy with SoapUi either.

JaySchwendemann
Active Contributor
0 Kudos

Hi again,

not sure if this should be rather posted as an answer, but here I go.

According to ssllabs C4C supports the following cipher suites. According to your screenshot PI opted for cipher suite SSL_RSA_WITH_RC4_128_MD5. That is however not in C4Cs list.

However, according to the XPI log handshake should(!) be already done (that is when the SSL Layer shutting down). So it's questionable if the chipher suite is really the issue or a red herring.

The server (that is C4C) responds just with "null" so basically some non-understandable response. If there would be a authentication issue, it would respond with an HTTP 401, Authorization with HTTP 403 and other server issue with HTTP 500 and so on.

So it might be wise to tap more into C4C.

So my further suggestions would be

  1. Check if you really enabled web service monitoring on C4C during scoping
  2. Check (but not extensively) why it seems you are sending with an rather old cipher suite from PI (it is strange that the handshake seem to be completed though). Since you have a fairly new PO installation it should support decent cipher suites / tls up to 1.2
  3. Raise a incident at SAP. They may very well be able to take a deeper look under the hoods of C4C
0 Kudos

Hi Jens,

will check cipher suite with Basis. we had raised the incident last week but it is dev, so they arent responding quickly and we are way off timelines.