Skip to Content

I want to share my “lessons learned” regarding https-configuration of CTI / Live-Activity

My knowledge is based on following sources:

Some hints regarding http

First advice:  Do the initial setup/testing using HTTP. Once this is working, switch to HTTPS.

As mentioned before, my favourite setup-how to is https://archive.sap.com/documents/docs/DOC-61429

Using Microsoft-Internet-Explorer, follow https://archive.sap.com/documents/docs/DOC-61430 . In my case I also had to add localhost to trusted-sites in addition.

Using Google Chrome, https://archive.sap.com/documents/docs/DOC-61611 is still correct. But as shown here this ends in security-warnings

This is a “no-go” from my point of view: …don’t care about this security warning, it’s safe… just ignore & continue…
(Please comment, how you think about this!)

 

How to switch to https

Preparations for local client

Mainly you have to follow help.sap.com: https://help.sap.com/viewer/cea15f900ca04c4faa35d3044577fe27/1708/en-US/186e3fef763d1014bf40f03714bee892.html

Unfortunately this refers to a deprecated MS-tool named makecert. The new tool is named New-SelfSignedCertificate (according to https://msdn.microsoft.com/en-us/library/windows/desktop/aa386968(v=vs.85).aspx ).

Unfortunately I wasn’t able to transfer the settings to New-SelfsignedCertifacate. Solution in my case:  My IT-Webserver-colleague created a webserver-certificate for CN localhost (Thanks Daniel).

So I got a certificate stored in a .pfx-file

This has to be installed as Administrator (doubleclick) and saved to “Local computer” (not current user!).
Now you have to lookup the fingerprint of this certificate: Please start certlm.msc (as administrator) and navigate to “Own certifactes”/ certifcates, details-tab and look for the fingerprint

(sorry for “german” screenshot)

This fingerprint has to be copied to clipboard. Spaces have to be deleted, and it has to be “pure” ASCII.

In my case the fingerprint is b4a7274eb7bcd41a0536353addfd3b3c5aca3948 (your’s will be different)

Now proceed according to help.sap.com with following command (as administrator using cmd)
netsh http add sslcert ipport=0.0.0.0:36731 certhash=b4a7274eb7bcd41a0536353addfd3b3c5aca3948 appid={7e46cd40-39c6-4813-b414-019ad22e55b2}

This will “connect” the certificate with the C4C-Client-Adapter.

Finally check the result: Call up URL https://localhost:36731/CTIMain.htm

It should look like this

Important is, the green lock and the word “Sicher” = “Secure”.

Everything else means, the certificate isn’t correct yet.

 

Check/Change C4C-Liveactivity to use https

This is hidden inside Scoping (strange, but that’s the way it is):

 

Test it

Now you can test this using the Simulate-button of CTI-Adapter
(I deleted browsercache to be sure)

In my case I struggled according to FAQ topic 4) https://blogs.sap.com/2017/06/06/faqs-related-to-cti-integration-in-sap-hybris-cloud-for-customer/

F12 – Developer-Tools & SAP-Support have been the solution in my case.

 

Final Result

Simulate Call works (Live activity is updated) and Webbrowser shows a “Secure” connection.

 

FYI:

1) Currently I still struggle with a tiny “warning” regarding unsecure scripts:

(ongoing SAP-incident). Nevertheless it seems not to interfere the functionality. I’ll update this article, once this is fixed.

 

2) I intend to add another blog-article with details regarding Inbound-CTI-Setup using CISCO Jabber in  near future.

 

3) Please check also my “idea” how to improve Live-Activity https://ideas.sap.com/D43490

 

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply