Skip to Content
Author's profile photo Martin Grasshoff

How To use HTTPS connections with SMP Cloud

Hi there.

You may not know but I contributed to the openSAP course “Introduction to SAP HANA Cloud Platform”. In this course I explained how to configure SMP Cloud to access a backend and to consume it using an HTML5 App.

During this course the backend was supposed to be just an HTTP backend, but also an HTTPS backend was used by some participants.


Of course does SMP Cloud supports HTTPS connections to backends, but this does not come out of the box. In order to allow HTTPS backend connections please follow the steps listed below:

First get the HANA Cloud Platform SDK. You can download it here: SAP Development Tools for Eclipse


NOTE: When prompted for password in the console client, provide the SDN password of the user.

NOTE: sXXXXXXXX must be substituted by your SCN User

Follow the steps described below:

Step 1: Get the list of destinations for the account by entering the following command in your command promt (Windows) or shell (Linux/Unix/Mac). Make sure you have an internet connection.

neo get-destination –account sXXXXXXXXtrial –user sXXXXXXXX –provider-account sapmobile –provider-application mobile –host hanatrial.ondemand.com

After choosing your particular destination and security profile, enter the following command

neo get-destination –account sXXXXXXXXtrial –user sXXXXXXXX –provider-account sapmobile –provider-application mobile –host hanatrial.ondemand.com –name <destination_name> –localpath <Path to download the destination>

<destination_name> from the first command output.

<Path to download the destination> e.g. C:\ or .

Step 2: Go to the path and edit the file, by adding the following line :

TrustAll=TRUE

Step 3: Now upload the same file using the following command

neo put-destination –account sXXXXXXXXtrial –user sXXXXXXXX –provider-account sapmobile –provider-application mobile –host hanatrial.ondemand.com –localpath <Path for the downloaded file>

Of course you have to adjust the account name and host it you are not on a trial account. Obviously it means that the -host is then hana.ondemand.com, instead of hanatrial.ondemand.com.


Have Fun,

Martin Grasshoff




EDIT: Claudia Pacheco wrote an updated guide for HCPms. Thanks!! https://scn.sap.com/docs/DOC-63416


Assigned Tags

      22 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member

      Hi Martin,

      The first 'neo' command in the Step 1 returns me the following message:

      Host [configapi.hanatrial.ondemand.com] cannot be accessed. HTTPS proxy settings

      not found. HTTP proxy settings not found. Configure your proxy settings as desc

      ribed in the documentation

      Please explain me how to configure the proxy settings or give me the link to the needed documentation.

      Thanks and regards,

      Sasha

      Author's profile photo Martin Grasshoff
      Martin Grasshoff
      Blog Post Author

      Hi Alexander.

      To make the neo command line tool proxy aware follow the steps described here:

      https://help.hana.ondemand.com/help/frameset.htm?7613dee4711e1014839a8273b0e91070.html

      Have Fun,

      Martin

      Author's profile photo Artiom Sargesjan
      Artiom Sargesjan

      HI Martin,

      I am trying to follow your instructions and in step 1 after entering the command:

      neo get-destination --account sXXXXXXXXtrial --user sXXXXXXXX --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --name <destination_name> --localpath <Path to download the destination>

      I get "Multiple properties files found [Mobility\Sap, HANA]. Provide only one propertie

      s file".

      Any idea why?

      Kind regards,

      Artiom Sargesjan

      Author's profile photo Martin Grasshoff
      Martin Grasshoff
      Blog Post Author

      Have you provided a valid value for <destination_name> and <Path to download the destination>.

      After retrieving the list, did you pick a destination and put it into the --name parameter?

      -Martin

      Author's profile photo Artiom Sargesjan
      Artiom Sargesjan

      Hi Martin,

      Thank you for the fast reply.

      This is how my command looks like. I think I've provided the correct values for <destination_name> and <Path>.

      neo get-destination --account p1420108685trial --user p1420108685 --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --name be_mysap_myapp_p1420108685trial --localpath C:\SAP Mobility

      Kind regards,

      Artiom

      Author's profile photo Artiom Sargesjan
      Artiom Sargesjan

      Hi Martin,

      I was able to resolve my issue by placing the --localpah in quotes.

      So my command looks like this.

      neo get-destination --account p1420108685trial --user p1420108685 --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --name be_mysap_myapp_p1420108685trial --localpath "C:\SAP Mobility"


      Also I want to point out that Step2 must be performed both on the destination and security profile files.


      Kind regards,

      Artiom

      Author's profile photo Former Member
      Former Member

      What is the command to get and put the security profile file? Thanks!

      Author's profile photo Artiom Sargesjan
      Artiom Sargesjan

      Hi, This is what I did.

      1) Display the destinations for your account

      • neo get-destination --account pxxxxxxxxxxtrial --user pxxxxxxxxxx --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com

      2) Download the destination and the security profile files to local machine

      • neo get-destination --account pxxxxxxxxxxtrial --user pxxxxxxxxxx --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --name myapp_pxxxxxxxxxxtrial --localpath "C:\SAP Mobility\Sap HANA\neo-java-web-sdk-1.52.19\tools\samples"
      • neo get-destination --account pxxxxxxxxxxtrial --user pxxxxxxxxxx --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --name mysecprof_pxxxxxxxxxxtrial_SC --localpath "C:\SAP Mobility\Sap HANA\neo-java-web-sdk-1.52.19\tools\samples"

      3) Edit both files adding "TrustAll=TRUE" and upload to SAP hana

      • neo put-destination --account pxxxxxxxxxxtrial --user pxxxxxxxxxx --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --localpath "C:\SAP Mobility\Sap HANA\neo-java-web-sdk-1.52.19\tools\samples\myapp_pxxxxxxxxxxtrial"
      • neo put-destination --account pxxxxxxxxxxtrial --user pxxxxxxxxxx --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com --localpath "C:\SAP Mobility\Sap HANA\neo-java-web-sdk-1.52.19\tools\samples\mysecprof_pxxxxxxxxxxtrial_SC"
      Author's profile photo Former Member
      Former Member

      Thanks!!

      Author's profile photo Jitendra Kansal
      Jitendra Kansal

      Artiom Sargesjan

      I tried to run the command neo get-destination --account sXXXXXXXXtrial --user sXXXXXXXX --provider-account sapmobile --provider-application mobile --host hanatrial.ondemand.com as mentioned in the step 1 but got below error:

      error.PNG

      Any idea?

      Author's profile photo Artiom Sargesjan
      Artiom Sargesjan

      Hi,

      Could you post the log output?

      Regards,

      Artiom

      Author's profile photo Jitendra Kansal
      Jitendra Kansal

      Artiom Sargesjan

      Please check

      2014-05-14 16:17:23,128 INFO  [main] com.sap.jpaas.infrastructure.console.CommandManager: Starting execution of command [get-destination]

      2014-05-14 16:17:23,132 INFO  [main] com.sap.jpaas.infrastructure.console.CommandManager: Command [get-destination] init() finished for [1] ms

      2014-05-14 16:18:01,531 INFO  [main] com.sap.jpaas.infrastructure.console.CommandManager: Command [get-destination] cleanup() finished for [0] ms

      2014-05-14 16:18:01,537 FATAL [main] com.sap.jpaas.infrastructure.console.ConsoleClient: ❗ ERROR; Connection to https://configapi.hanatrial.ondemand.com refused

      com.sap.jpaas.infrastructure.console.exception.CommandException

        at com.sap.core.connectivity.config.cmd.GetAction.run(GetAction.java:54)

        at com.sap.jpaas.infrastructure.console.CommandManager.run(CommandManager.java:295)

        at com.sap.jpaas.infrastructure.console.CommandManager.run(CommandManager.java:260)

        at com.sap.jpaas.infrastructure.console.ConsoleClient.run(ConsoleClient.java:235)

        at com.sap.jpaas.infrastructure.console.ConsoleClient.main(ConsoleClient.java:85)

      Caused by: org.apache.http.conn.HttpHostConnectException: Connection to https://configapi.hanatrial.ondemand.com refused

        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:158)

        at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)

        at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)

        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561)

        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)

        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)

        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)

        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)

        at com.sap.core.connectivity.config.cmd.GetAction.download(GetAction.java:80)

        at com.sap.core.connectivity.config.cmd.GetAction.run(GetAction.java:52)

        ... 4 more

      btw: i downloaded neo-javaee6-wp-sdk-2.32.10.1.zip from SAP Development Tools for Eclipse

      Rgrds,

      JK

      Author's profile photo Artiom Sargesjan
      Artiom Sargesjan

      From your previous post I understand that you are behind a proxy. Are your proxy settings correct?

      Also, I'm using neo-java-web-sdk-1.52.19.zip.

      Author's profile photo Sami Lechner
      Sami Lechner

      thanks Martin

      Author's profile photo Former Member
      Former Member

      In command prompt message

      'FINDSTR' is not recognized as an internal or external command,

      operable program or batch file.

      and I can not do anything more.

      Jitendra Kansal  Sami LechnerJitendra Kansal Martin Grasshoff

      Author's profile photo Former Member
      Former Member

      Hi Martin Grasshoff

      Is these steps suitable for HCPms also or only SMP cloud?

      Claudia Pacheco  Jitendra KansalClaudia Pacheco

      Regards,

      Mohamed.

      Author's profile photo Martin Grasshoff
      Martin Grasshoff
      Blog Post Author

      Hi,

      these steps are suitable for HCP destinations in general.

      This is a rather old blog post and you can upload your truststore directly using the HCP Cockpit nowadays.

      Type in your URL in the Destination configuration window, unselect "Use default JKS truststore" and upload your locally created JKS file.

      Regards,

      Martin

      Author's profile photo Former Member
      Former Member

      Hi Martin Grasshoff,

      Thanks for concern.

      Actually I've posted a question regarding to Android mobile app error using HCPms: Re: SMP Offline/Online store in Travel Agencies demo app Throws error. By discussing with Claudia Pacheco, she asked me to enable Https using your blog. I've tried your steps and all are OK however the destinations received from "neo get" command were that ones on SMP cloud(Deprecated one) not HCPms. That's the story.


      Now, I understood from your discussion that I could make my trust list and upload it using HCP Cockpit directly.


      My question is: How to make the truststore directly using HCP Cockpit? I see only in Trust menu item, local service provider and Trusted identity provider. I didn't see "Destination configuration window", or "Use default JKS truststore". I  think I went to incorrect menu item. Kindly, clarify this point.


      Another question: How to create JKS file locally as you've mentioned?


      Regards,

      Mohamed.

      Author's profile photo Martin Grasshoff
      Martin Grasshoff
      Blog Post Author

      Hi.

      You can find the Destinations used by HCP here:

      Destinations_1.png

      Once you edit an existing Destination you can change the URL to https. The JKS options will appear:

      Destinations_2.png

      Now you can upload your trust- and/or keystore.

      In order to create a truststore you can follow these instructions: https://docs.oracle.com/cd/E19509-01/820-3503/6nf1il6er/index.html

      Kind Regards,

      Martin

      Author's profile photo Former Member
      Former Member

      Hi Martin,

      Is enough to add TrustAll value and set it by "TRUE" as follow to enable Https:

      TrustAll.png

      Jitendra Kansal  Claudia Pacheco Sukanya kClaudia PachecoJitendra Kansal

      Regards,

      Mohamed.

      Author's profile photo Roland Brechter
      Roland Brechter

      Hello,

      I try to adapt the instructions you show above for our factory HCP account (SAP HANA Cloud Platform Mobile Service activated), also I want to upload a keystore using the HANA Cloud Platform SDK.

      I get errors like "Not a valid SAP HANA Cloud Platform landscape host". I think the credentials I enter are wrong. The patterns you give above ("sxxxxtrial", "sxxxxx", etc.) seems to work for trial accounts, I need clarification how the patterns are for a factory/productive account. However, I do not want to post the credentials here in this comment. Could I send my data/credentials to one of you forum experts via mail?

      Author's profile photo Michael Appleby
      Michael Appleby

      Hi Roland,

      Please Follow the persons you wish to contact.  Then send them a Direct Message.  Alternatively, expose your email address in your profile so they can send you an email if they respond.

      Regards, Mike (Moderator)

      SAP Technology RIG