Skip to Content
Author's profile photo Former Member

How to configure SAP XI/PI for secure connectivity to an eCommerce Web Server

Scenario Description:  

In my current project, we developed an interface to send purchase orders from ECC system to an eCommerce web server (in our case, it was perfect Commerce server).  We configured XI to connect to pCommerce server using HTTP(S). A pictorial representation of the scenario is below.

 

Scenario

 

Solution: I have described below, the step-by-step solution (I will go into each with more details.)

1) Download X.509 digital certificate from web server (pCommerce).

2) Install the X.509 digital certificate in SAP XI using STRUST TCODE

3) Create RFC destination in SAP XI & refer to the certificate in above step

4) Configure IR objects.

5) Configure ID objects.

STEP 1: Download X.509 digital certificate from web server (pCommerce) 

1. Access the desired HTTPS web server using your Internet Browser. (In this blog, I have used Internet Explorer 7.0 & I am referring to a different web server for demo purpose)

Link

 

2. Click on the lock icon in address bar.

 

C Trust

 

 

3. Now, click on View certificates. In the pop-up window that opens, choose “Certification Path” tab, select the node that ends with “Enterprise CA”, then, select “View Certificate” button.

 

Cert Path

 

4. Another pop-up window opens up, now, select “Details” tab, and then click “Copy to File” button. This will open up the “Certificate Export” wizard.

Cert Details

 

5. In the Certificate Export Wizard, choose the certificate format you want to use, click Next, and then save the certificate file in your local desktop. In this example, I have chosen the Base-64 encoded X.509 certificate format.

Cert Wiz

 

STEP 2: Install the X.509 digital certificate in SAP XI using STRUST TCODE. 

 

1. Log onto SAP XI ABAP stack, go to STRUST TCODE, and select the XI server node under SSL Client (Anonymous). This XI server node should be in “Green” Status.

 

strust

 

 

2. Now, click on import certificate icon, and, select the certificate file downloaded in STEP 1.

3. Now, click “Add to Certificate List” and the current certificate will be added to the “Cert List”.

 

STEP 3: Create RFC destination in SAP XI & refer to the certificate in above step 

 

 

1. In SM59 TCODE, create New HTTP Destination to external Server.

2. Provide a name for the RFC Destination, and select Connection Type as G, then provide a description.

3. Goto Logon/Security tab and select Logon Procedure as Basic Authentication and select “Active” radio button against SSL. A screen shot is below.

 

 

Logon

 

 

4. Choose the SSL Client Certificate as “SSL Client (Anonymous)”(the one we created in STEP 2)

5. Now, enter user name and password used to access the pCommerce server.

6. In the Technical Settings tab, provide Target Host Name, Service No. as 443 and Path Prefix. These details would have been made available to you by means of a URL, e.g., anewcommerce.com:443/invoke/pub.xi.Router/inboundMessageObject.

In this case

Target Host: anewcommerce.com

Service No.: 443

Path Prefix: /invoke/pub.xi.Router/inboundMessageObject

 

Tch Setting

 

 

7. Timeout, HTTP Setting and Cookies can be handled in Special Options tab.

 

Spl Option

 

 

8. To ensure successful connectivity between pCommerce server and SAP XI, click on Test Connection to get response message.

STEP 4: Configure IR objects 

 

1. We had received an XSD file for the target pCommerce message structure; we imported it into XI IR as an external definition. Then we did the mapping from the ORDERS05 IDOC to this pCommerce XSD.

STEP 5: Configure ID objects (HTTP Communication Channel) 

 

1. Create HTTP Receiver Communication channel in ID.

 

Com Channel

 

 

2. For the HTTP Destination, specify the name of the RFC destination created in STEP 3.

3. Use this HTTP communication channel in the receiver agreement.

 

Using the above steps, we were able to successfully download, install the digital certificate and communicate to pCommerce server using HTTPS. Hope you found this useful.

Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo Raja Sekhar Reddy
      Raja Sekhar Reddy
      Hi ,

      Really good blog.

      Regards,
      Raj