cancel
Showing results for 
Search instead for 
Did you mean: 

SOAMANAGER call public external webservice: Error from SAP ( ok from SOAP UI)

former_member192850
Participant
0 Kudos
1,512

Good morning,

I have a question about configuring SOAMANAGER in ECC enviroment.

We want to configure a public wsdl and endpoint to call a webservice from SAP (SAP->PUBLIC SERVICE).

The public WSDL is "https://www.learnwebservices.com/services/hello?WSDL"

The public endpoint configured is "https://www.learnwebservices.com/services/hello" so without port specification.

At First, we configured this URL with "SOAP UI" Test Software from local PC without problem, the service receive the call and answer back " <Message>Hello ?!</Message>":

Then we tried to invoke the same from SAP ECC, creating the proxy from WSDL and configuring the logical port via SOAMANAGER transaction:

when I test ping with the "ping service" button

I receive the following error:

Error when calling SOAP Runtime functions: SRT: Processing error in Internet Communication Framework: ("SSL handshake with www.learnwebservices.com:443 failed: SSSLERR_PEER_CERT_UNTRUSTED (-102)The peer's X.509 Certificate (chain) is untrustedSapSSLSessionStartNB()==SSSLERR_PEER_CERT_UNTRUSTED SSL:SSL_read() failed (536872221/0x2000051d) => "Failed to verify peer certificate. Peer not trusted." ...

Which configuration is missing in SAP?

Thank you

Sandra_Rossi
Active Contributor

Be careful about the meaning of this "Ping" feature: 1903596 - SOAP Ping fails with 3rd party service provider.

There are many answers in the forum about the SSL error message. Install the certificates of the Web site in the transaction STRUST. Search the Web how to get the Web site certificates, and search the forum for more information about using STRUST. Also, this thread can be interesting to read: https://answers.sap.com/questions/11564309/how-to-set-the-anonym-pse-when-consuming-external-.html

Former Member

Sandra is right. Just import the Letsencrypt root certificates to SSL Client Standart in tx STRUST.

Sandra_Rossi
Active Contributor
0 Kudos

For information, there are 3 certificates for www.learnwebservices.com (just the names, go to their Web site to download their certificates):

ISRG Root X1
|__ R3 (Let's Encrypt)
    |__ www.learnwebservices.com
former_member377780
Discoverer

Hi all,

Like indicated from the browser pressing the "lock" icon is possibile to see the certificates:

From win pop-up I selected the ISRG Root X1 and download locally the certificate, and uploaded with tx. STRUST SSL standard folder. Now is possible to call the service from SAP.

Thank you all

regards

M

former_member192850
Participant

Solved, thank you all

Accepted Solutions (1)

Accepted Solutions (1)

amontella96
Active Contributor
0 Kudos

hi marcosauro

although I can tell you have tried to describe your issue properly, I don't get how you did the config in the backend/ecc

so let me try to answer firstly that the issue is linked to the https call, if you type in your browser www.learnwebservices.com does it work without issues?

then try www.learnwebservices.com/ping/public/default.html , still no issues?

Lastly, can you retrieve the app in the backend with transaction SICF and test/screenshot it for me? thanks.A

Answers (0)