I’m continuing with my blog series on testing tools. This blog post focusing on testing a SFTP connection using certificate authentication using my favorite windows tool, WinSCP. This is a windows tool and can be downloaded from h http://winscp.net/eng/index.php
Its always a good idea to be able to test any connection you need to use for an integration prior to any development starting. From my perspective communications problems are always the most difficult of issues to resolve. You not only have your networking teams to deal with but also those of the partner you are connecting to. Factor in some outsourcing or third party hosting and it can take quite a while to resolve any issue. So, the moral of this story is that if you are able to test the connection first then do it.
So lets look at the basic settings first.
For the specific site enter the following
Select the connection type first. In this case SFTP
Host/IP: Enter the address
Port: Enter port provided, usually 22 but always double check
Username: Username supplied by vendor, which may not be required
Private key: Reference your private key (the vendor should have installed your public key on their server)
Password: Enter the password (if provided)
Now click on Proxy
In my organisation we are using a proxy to connect to the vendor. The configuration has a very specific Proxy Type and Port. make sure you validate this with your technical team. Also important to note is that some vendors will restrict access to their services based upon the source address (your source address). If you are going through a proxy then the source address will be your proxy and not your PO/PI system. This is important to note. Your Basis or Networking team will be able to provide this information.
Proxy type: SOCKS5
Proxy Host: xxxxxxxxx
Now click on Save. Test the connection by selecting ‘Logon’. If successful you will be able to see the SFTP’s server’s directory. Please note that the log file entries shown below may differ to those you see. Some of the messages are dependant on a specific configurations or SFTP server software used.
OK, now the private key I am using came from my PO keystore. However, if I export it and then try to use it in WinSCP it complains so we have a little more work to do.
- Export private key from NWA making note of password.
- Download open SSH, open the zip file and copy the files/diretories to your PC. I downloaded it from https://code.google.com/p/openssl-for-windows/
- Copy the exported SAP NW PO Key file to the openSSH bin directory
- Open a command line and change the directory to the openSSH and run the following command replacing inputfilename with the name of the SAP NW PO keyfile
- openssl pkcs12 -in inputfilename -nocerts -nodes | openssl rsa > id_rsa
- You will be prompted for the password you entered when exporting the key and then the RSA key will be output
- Open puttyGen (installed as part of WinSCP)
- Import the rsa_id file you created (this is the private key)
- Save the private key (PPK format)
- Save the key and use it in WinSCP making sure you delete the rsa_id and SAP NW PO key files.
Blogs in Series
Blog 1: HTTP Post Testing: Test Tools…Part 1 *HTTP *
Blog 2: SFTP Testing: Test Tools…Part 2 * SFTP *
Blog 3: REST Testing: Test Tools…Part 3 * REST *
Blog 4: SOAP Testing: Test Tools…Part 4 * SOAP *
Blog 5: SOAP Testing: Test Tools…Part 5 * JMeter *