#6 How To… Implement End-to-End Push Notifications with HCPms and SAP Gateway
This is a part of the implementation details of How To… Implement End-to-End Push Notifications with HCPms and SAP Gateway.
Implementation Plan
Working with SAP Gateway Hub. Major to-do thing here is to configure the bgRFC (Background RFC) to create a queue for push messages. If you don’t need ERP backend access, you can implement OData services in the Hub system. The OData service must be implemented as “subscribable”.
Steps to Implement
1. Import Root CA Certificate from HCPms to SAP Gateway system
2. Configure HTTP Destination to HCPms
3. Configure bgRFC
1. Import Root CA Certificate from HCPms to SAP Gateway system
As HCPms requires SSL, we need to import the Root Certificate into SAP Gateway Hub system. Open your HCPms URL in the browser (Firefox is recommended to export the Root Certificate).
Click on the lock icon left side of the URL. Click on More Information.
In the popup, select Security tab and click View Certificate.
Select Details and choose your root certificate. Press “Export” and save the cert file on the disk (the format doesn’t really matter – choose the default PEM format).
In the Gateway Hub box, run the transaction code STRUST. Select “SSL client SSL Client (Anonymo” as shown.
Find and click the small icon for Import certificate. Select the Root Certificate file just downloaded.
Click on “Add to Certificate List”. (If you see the button is not activated, make sure your screen is in edit mode).
Be sure to save the imported Root Certificate file by pressing the Save icon.
2. Configure HTTP Destination to HCPms
Now we’re going to configure the HTTP connection between SAP Gateway Hub and HCPms. Run the transaction code SM59. Create a new entry with the Connection Type = G (HTTP connection). Type the Target Host for your HCPms instance server name with the port# 443. Enter the Path Prefix /Notification/ .
In addition to it, supply the http proxy server information so that SAP Gateway Hub can go through the proxy to the HCPms server.
Switch to the tab Logon & Security. Enter your HCPms account credential.
Scroll down – and select SSL = Active, SSL Certificate = ANONYM SSL CLIENT (Anonymous). This ensures the connection will use the Root Certificate you had imported.
After saving the configuration, press the connection test button. It should return “405 Method Not Allowed“. This is the expected result.
3. Configure bgRFC
Let’s create a bgRFC configuration. We need to do this step to create a push message queue for HCPms.
Run the transaction code SBGRFCCONF. First thing is –
a. Define Supervisor Destination
(Note – formal help document: Configure the bgRFC Supervisor Destination – SAP NetWeaver Gateway – SAP Library)
Click on the Define Supervisor Destination tab. Here you need to define Supervisor Destination, a kind of the system user setting. Click on the Create icon and name your Supervisor Destination = BGRFC_SUPERVISOR.
Enter the Destination Name and select Create User with the User Name = BGRFCSUPER (actually, the name can be anything). As the formal help document states, this user needs a SAP Role “SAP_BC_BGRFC_SUPERVISOR” assigned. No password needs to be set.
Note – the User generation in this window might not work well, depends on the password policy of your system. If you find it doesn’t work, create the user BGRFCSUPER via the transaction code SU01. (as a system user of type B)
In the transaction code SM59, now you have a RFC Destination “BGRFC_SUPERVISOR” in Connection Type 3. And the system user for bgRFC is assigned in the Logon & Security tab.
b. Define Inbound Destination
(Note – formal help document: Maintaining Inbound bgRFC Queue on the Hub System – SAP NetWeaver Gateway – SAP Library)
Run the transaction code SM59. Create a new RFC Destination “IWFND_ODATA_PUSH” in Connection Type 3. Supply Target Host = <the local SAP Gateway Hub server name> and its System Number.
Click on the Special Options tab, and scroll down to select Transfer Protocol = Classic with bgRFC. Save the config.
Run the transaction code SBGRFCCONF. Select the Define Inbound Dest. tab. Click on the create icon.
Here you enter the IWFND_ODATA_PUSH value you had created. This is going to be the name of the queue. Make sure to choose Logon/server group value too.
Now you had configured the bgRFC setting to create a push queue.
What’s next? Let’s try the push test.
#7 How To… Implement End-to-End Push Notifications with HCPms and SAP Gateway
Hi Ken
Thank You for this blog.
In the step Configure HTTP Destination to HCPms
After creating RFC, getting message as
ICM_HTTP_SSL_PEER_CERT_UNTRUSTED
Regards
Hi Ken
This is how we have done, is this correct?
I see your CN is *.dispatcher.hana..
Perhaps you should make sure if you chose the Root "Baltimore CyberTrust Root" http://scn.sap.com/servlet/JiveServlet/showImage/102-68561-4-821358/6.15.png
Hi Ken,
Its working fine now
Thank you
Hi Ken,
In my case, i tested to send notification by using restClient to SMP server is using http (http://publicIP:8080/), so do i need to import the certificate?
i get the following:
404 means you hit a server, but the resource you are trying to access is not found there. What SMP server version are you using?
Hi Jeff
I'm using SMP3 SP9.
Here's a tip.
In SMP Admin cockpit, find the app you want to use and there's "Push URL" value. Copy and paste it in the REST client, invoke it with HTTP GET. It should show "405 Method Not Allowed".
Hi Ken,
My Push URL is :
REST Client display Status 404:Not Found
"notification targetID is not specified, Cannot process the notification"
Hi Ken,
My mistake. I was accidentally set the REST Client as POST, After change the method as GET then i got the 405: Method Not Allowed.
So the smpPushUser with "Notification User" role will do.
Besides, i'm able to get "405: Method Not Allowed" in my SM59 too.
Thank you.
P/S : No any certificate imported in my case.
Hi Ken,
I am little confused. This total 6th document work is on NetWeaver Box or some process on ERP backend system also.
In my case, my OData service (Fetches Sales orders list) is created in the backend ERP system. But registered the service in my Netweaver box, so I can view that service from SICF T-Code in Netweaver box.
When ever a New sales order has been created in the backend ERP system, I need to send notification to the HCPms.
Now my main doubt is, Where we need to create the bgRFC and where to Monitor. ETC...
Please help.
Thank you.
Ravinder.
>registered the service in my Netweaver box
This is GW Hub.
>Where we need to create the bgRFC and where to Monitor
I think your landscape is exactly what is explained in the H2G. You need to create bgRFC queues for both GW Hub and ERP backend.
Hi Kenichi Unnai
Thanks for the response. I have another question.
Do we need to install Cryptographic Library before uploading our root CA certificate ?
Thank you.
Ravinder.
Actually I never installed SAP Gateway by myself.
If you have a working SAP Gateway correctly installed - I believe you won't need to do any additional libs installation.
Hi Kenichi,
We have gone through the blog and imported the certificate in STRUST.
We have set up the SM59 RFC connection – when we are trying to do connection test – we are getting login window and if we try putting the username and password – we are getting 401 error.
We have also tried executing the SCP Mobile Service URL from REST client and we are getting same 401 - error.
The objective is to send Push notification from SAP to SAP Cloud platform.
Can you please let us know if there are any settings we need to do to achieve this.
Thanks,
Madhur K