Skip to Content
Technical Articles
Author's profile photo Mandy Krimmel

Cloud Integration – How to Connect to an On-Premise sftp server via Cloud Connector

You may use the SAP Cloud Connector to securely connect to On-Premise systems. SAP Cloud Integration supports this configuration via the connection proxy type ‘On-Premise’ currently in the following receiver adapters:

  • AS2 (enterprise license only)
  • OData
  • HTTP
  • IDOC
  • LDAP
  • SOAP | SAP RM
  • SOAP | SOAP 1.x
  • RFC
  • Mail
  • XI
  • SFTP (with November release)

This includes support for connections to multiple SAP Cloud Connectors. For this use case you specify in your SAP Cloud Connector configuration a Location ID which you refer to in your sender or receiver adapter configuration.

Connect to an On-Premise sftp server via Cloud Connector

With the November 2018 release of SAP Cloud Integration we release a new version of the sftp sender and receiver adapter that supports connecting to On-Premise sftp servers using the SAP Cloud Connector. This configuration utilizes the SOCKS5 proxy supported in SAP Cloud Connector version 2.10 and higher.

You may use it in your sftp sender and receiver adapters to connect via TCP to your On-Premise sftp server. This scenario required so far dedicated ports to be opened in your fire-wall which was often not supported by your security policy. Opening of ports is now obsolete.

I assume you have already installed the SAP Cloud Connector and connected it to your SAP Cloud Platform account in which your subscription to SAP Cloud Integration resides. If not download a SAP Cloud Connector from our tools page and follow it’s installation documentation.

All you need to do now is to

  1. configure a new Cloud to On-Premise system mapping in your Cloud Connector and
  2. configure your sftp sender or receiver adapter accordingly

Let’s go step by step.

Configure a Cloud to On-Premise system mapping in the Cloud Connector

Logon to your Cloud Connector and add a Cloud to On-Premise system mapping. Maintain the parameter in the wizard as follows.

Set the Backend Type to ‘Non-SAP System’.

Select the ‘TCP’ Protocol. The configuration options for TCP are not as specific as for e.g. HTTP, i.e. the SAP Cloud Connector may not restrict potential misuse from your SAP Cloud Platform account. This is referred as security risk.

Maintain your On-Premise sftp server & port you want to connect to.

Define the virtual sftp server & port you want to expose to your SAP Cloud Platform Account (it will be re-used later in the sftp receiver adapter configuration).

Maintain an optional description, tick the ‘Check Internal Host’ checkbox (to have enable the ping test from SAP Cloud Connector to your On-Premise sftp server) and finish.

You may check and maintain your system mapping in the Cloud To On-Premise overview.

Logon to your Cloud Platform account and check the corresponding Cloud Connector status.

If all is fine you may consume your just established TCP connection in the sftp sender or receiver adapter.

Configure the sftp Sender or Receiver Adapter

Log on to the Cloud Integration WebUI and maintain the connection parameter in the sftp adapter properties as follows.

Maintain the virtual sftp server name & port for the proxy type ‘On-Premise’. Maintain the Location ID of the Cloud Connector, if configured in the Cloud Connector. Define the Authentication configuration as required by your On-Premise sftp server.

Important is that the public key of the sftp server must be added to the known host file with the address set in the channel. This correlates to the virtual server name as used in the Cloud Connector, do not use the real server name as defined in the Cloud Connector. This is because only the virtual server name is known by Cloud Integration.

Done, save and deploy the integration flow. Start sending messages from SAP Cloud Integration via your own On-Premise sftp server or start polling files from your On-Premise sftp server.

Troubleshooting

If you run into errors executing your scenario you may find information for error analysis at the following places:

  • Integration Content Monitor in Cloud Integration
  • Message Processing Monitor in Cloud Integration
  • Cloud Connector Connectivity Test
  • SSH Connectivity Test
  • Log File in Cloud Connector

Let’s have a short look at the different tools.

Integration Content Monitor

After deploying the integration flow you should first check in the Integration Content monitor in SAP Cloud Integration if the integration flow is started successfully. As integration flows with sftp sender adapters start polling immediately after the integration flow is started, errors during the poll are shown here. No message processing log is created in this case.

Poll Status (available with the 16-Feb-2020 update)

In the Status Details area you may find the status and the details about the current poll status:

If there is an error when polling messages via the sftp sender adapter the error would be shown here for the respective integration flow. In the Polling Information the status of the consumption is shown as Failed.

In the below sample error, you see that an error is coming back from the SOCKS proxy of the cloud connector. In this case you would have to check the monitor and the log files in the Cloud Connector for more details. Check that the request reaches your Cloud Connector instance at all, maybe the Location ID in Cloud Connector configuration does not fit to the Location ID used in sftp channel?

Message Processing Monitor

The second important monitor to be checked if your scenario does not work is the Message Processing monitor in the Cloud Integration Monitoring. If there is an error sending messages to a specific sftp receiver the error would be shown here.

In the below sample error, you see that the hostkey is rejected. This means that the public key of the sftp server is not maintained in the known hosts file for the configured virtual sftp host. Maybe the public key is maintained with the real sftp server address? If so, this entry needs to be changed in the known hosts file. Details about known hosts file maintenance you find in the blog How to setup secure connection to sftp server. Note that the public key cannot yet be downloaded via the Connectivity Test  when connecting to the sftp server via Clod Connector. The Connectivity Test will be updated soon to support this, the blog will then be updated.

SSH Connection Test

The Connectivity Test is available in Operations View in Web UI, in section Manage Security Material. Selecting the Connectivity Test tile from Overview Page opens the test tool offering tests for different protocols. To test the communication to the SFTP server, the SSH option is to be selected.

With the update on 6th of January you can select the On-Premise Cloud Connector proxy and enter a Location ID also in the SSH test to test the connection to the SFTP server via the Cloud Connector:

More details about the SSH connection test can be found in the blog How to Setup Secure Connection to SFTP Server.

Cloud Connector Connectivity Test (available with 29-September-2019 release)

The Cloud Connector Connectivity Test can be used to test if the Cloud Connector connected to the Cloud Integration tenant can be reached via the Cloud Integration’s runtime with the defined Location ID.

Like the SSH Connection Test, the Cloud Connector Test can be found in the Connectivity Tests tile in the Operations View in Web UI in section Manage Security Material. In the test tool select Cloud Connector. The only input field for the Cloud Connector test is the Location ID. Enter the Location ID you have configured in the Cloud Connector and also use in the adapter channel in the integration flow.

The test pings the Cloud Connector with this Location ID. If no Cloud Connector is connected with this Location ID the test fails:

If the Cloud Connector can be reached with the given Location ID the test executes successfully:

Cloud Connector Log

If you receive errors coming from the SOCKS proxy, you have to check the Cloud Connector log file for more information. Maybe the mapping for the used virtual host does not exist?

Assigned tags

      75 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Holger Himmelmann
      Holger Himmelmann

      Great, long awaited functionality!

      Author's profile photo Piotr Radzki
      Piotr Radzki

      Nice, looks like improvements in both CPI and Cloud Connectors are coming really fast! Extending patterns for cloud 2 on-prem integrations will be really useful.

      Author's profile photo Rashmi Joshi
      Rashmi Joshi

      Very well and step by step explained... Thank you for sharing it!!!

      Is there anyway to get access to CPI/HCI system?

       

      BR,

      Rashmi

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

       

      Hi Rashmi,

      to get access to a trial tenant you may contact the mail address mentioned in the blog: https://blogs.sap.com/2013/10/22/sap-hana-cloud-integration-test-and-learn-more-about-sap-s-cloud-based-integration-solution/

      Best regards,

      Mandy

      Author's profile photo SAP CPI 3
      SAP CPI 3

      if any document or pdf of sap cpi with success factors scenarios and study material can mailed me on ghadagealpesh@gmail.com

      Author's profile photo Anshul Walia
      Anshul Walia

      It was Indeed ..

      Author's profile photo Masoud AHANCHIAN
      Masoud AHANCHIAN

      Excellent post Mandy and great to see this feature is now enabled.

       

      For the incoming SFTP connection from SCP-I to Cloud Connector, is there a list of IPs that have to be whitelisted on firewall?

       

      Regards,

      Masoud

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

       

      Hello,

      the connection from Cloud Platform Integration to the Cloud Connector is done using a secure tunnel that is established from the Cloud Connector agent running in the On-Premise network.

      the Cloud Connector Setup including setup/configuration/network/security is described in the Cloud Connector Documentation: https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/e6c7616abb5710148cfcf3e75d96d596.html

      Regards,

      Mandy

       

      Author's profile photo Tom Xing
      Tom Xing

      Hi Mandy,

      Very nice feature, it's great to have it.

      Is "TLS Connectivity Test via SCC" on the roadmap?
      Intuitively it's a very similar feature - but probably less useful than SFTP connectivity though.

      Best regards,
      Tom

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

       

      TLS test is testing the SSL connection setup. In case of Cloud Connector, this is not possible as the connection to the Cloud Connector is done via HTTP and no SSL handshake is taken place. The SSL connection is only established between Cloud Connector and Backend. But yes, we are thinking about options how to offer a connectivity test for HTTP connectivity via Cloud Connector.

      Best regards,

      Mandy

      Author's profile photo Tom Xing
      Tom Xing

      Hi Mandy,

      Thanks for the answer, that's what I'm asking. Sorry for the confusion.

      Best regards,
      Tom

      Author's profile photo Freek den Teuling
      Freek den Teuling

       

      Hi Mandy,

       

      Thank you for the nice blog. I've a slightly different scenario that I can't seem to get working. Hopefully you might be able to provide some insight.

       

      I do want to develop a CPI flow that connects to an on-premise SFTP platform with Basic Authentication, however I want it deployed on SAP PO and not run from the cloud. Since my SAP PO and the SFTP platform are both on-premise I expected to be able to connect via regular SFTP configuration in CPI, but that doesn't seem te work (Cannot connect to sftp://<User>@<Host>:22).

       

      Any suggestions? Do I still need the Cloud Connector although my CPI flow runs on SAP PO?!

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

       

      Hello,

      I don't fully understand your scenario. The CPI flow should connect to the sftp server running on-premise or do you want to run the whole flow on PO via profile IGW in the Integration flow configuration? Meaning the integration flow shall be deployed to the on-premise system?

      If the flow is running in IGW runtime, there is no need to configure the Cloud Connector. This should run directly.

      Maybe you could open a ticket for the issue?

      Best regards,

      Mandy

       

      Author's profile photo Freek den Teuling
      Freek den Teuling

       

      Thank you for the quick reply. I indeed want to run the whole flow on PO via profile IGW in the Integration flow configuration. Thank you for confirming that, in that case, I don’t need the Cloud Connector.

      Now that I know my setup should be correct, I’ll open a ticket to ask further assistance with the issue I’m encountering.

       

      Best Regards,

       

      Freek

      Author's profile photo Baskar Singaram
      Baskar Singaram

      Dear Freek,

      Can you help me with the queries in this link regarding hybrid landscape setup.  Thanks for your kind support.

      Regards,

      Baskar

      Author's profile photo Alexis Schaffner
      Alexis Schaffner

      Hi Mandy,

      we are working with the 1811 SCPI release.

      we do not have the "proxy Type" option.

      therefore we cannot select the "on Premise" option as our SFTP is exposed by the cloud connector.

      where or what can we do to have this option?

      BR

      averygoodwalker

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hi,

      you not only need the newest stack version, but also use the latest version of the sftp adapter. Please delete the sftp channel and newly create it. Then the latest version of the adapter is taken, old versions of the sftp adapter will not have the CC option.

      Best regards,

      Mandy

      Author's profile photo Alexis Schaffner
      Alexis Schaffner

      Mandy,

      tks a lot, the option is now available.

      one different question, how to set the FM (into the SCPI) for a RFC call from a SCPI to a on-premise target?

      BR

      averygoodwalker

      averygoodwalker

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

       

      Hello,

      for RFC adapter I'm actually the wrong contact. Here I would refer to the blog: https://blogs.sap.com/2017/07/20/how-to-use-rfc-adapter-to-execute-remote-function-module-on-abap-system/

      Maybe ask your question there?

      Best regards,

      Mandy

      Author's profile photo Alexis Schaffner
      Alexis Schaffner

      Thank you for the support

      Author's profile photo Ramos de Oliveira Sergio Alberto Salomao
      Ramos de Oliveira Sergio Alberto Salomao

      Good morning, Mandt.

      How are you?

      We started the development of proof of concept for a client this week and a I have a doubt about the parameters that must be filled for the soap adapter receiver communication channel in SAP HCI:

      Following is the architecture that was defined for this POC:

      Legacy System Lecom (API) (On Premise) -> SAP Cloud Platform -> SAP API Management -> SAP HCI -> SAP Cloud Connector> Legacy System MXM (WebService XML/SOAP) (On Premise).

      How do I configure the adapter soap recevier to access WebSerivce of the Legacy MXM System via the SAP Cloud Connector?

      For this situation, I imported the WSDL from Legacy System MXM to SAP HCI according to the screen below, however I am in doubt about which value I should fill in the Address field.

      Should I fill the value of the Address field with the content of the Soap Address property contained in the WSDL file? Or with the content of the virtual host configured in the SAP Cloud Connector (screen also below)?

      The configuration made in the SAP Cloud Connector is with the TCP protocol and the address field on the soap adapter receiver (HCI) only accepts value with the nomenclature http: // <host>: <port>

      Could you help me?

      Regards,

      Sérgio Salomão

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

       

      Hello,

      this blog is about connecting to a sftp server via Cloud Connector, not how to connect via SOAP adapter to an on-prem backend.

      But let me give you some hints about the SOAP adapter:

      • the address field in the SOAP channel needs to contain the virtual host values defined in the Cloud Connector configuration
      • the cloud-to-on-premise configuration in the Cloud Connector configuration needs to have type HTTP or HTTPS depending how you want to connect to the backend. The virtual host attributes need to match the values set in the SOAP channel and the real endpoint address (as in the WSDL) has to be configured as internal host. This is the address that will be called from Cloud Connector.
      • The address in the SOAP adapter needs to start with http:// because the connection to the Cloud Connector is via a secure http tunnel, not via http. In the Cloud Connector you can use HTTPS to the on-premise backend.
      • Make sure you use the same Location ID in the SOAP channel and in the Cloud Connector configuration.

      I hope this helps you to set-up your communication.

      Best regards,

      Mandy

      Author's profile photo Ramos de Oliveira Sergio Alberto Salomao
      Ramos de Oliveira Sergio Alberto Salomao

      Thank you very much for the information

      Author's profile photo Vikas Singh Rajpurohit
      Vikas Singh Rajpurohit

      Thanks Mandy for the great blogs!!

      Author's profile photo Holmberg Liv
      Holmberg Liv

      Hi all,

      this sFTP adapter seems to be only for on-premise systems, is this correct?

      I need an sFTP receiver & sender adapter to a 3'rd party cloud system. Is this a go or no-go at this point or is it a similar configuration process? Any other things to consider for a cPI to Cloud connector?

      Thanks in advance for shedding light on this.

      LH

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      no, the sftp adapter can be used to any accessibly sftp server as well. If the adapter is used without proxy On-Premise than you can connect to any sftp server accessible from the internet.

      Best regards,

      Mandy

      Author's profile photo Vaishali Rani
      Vaishali Rani

      Hi Mandy,

       

      Thanks for the blog. I have a question, how can I pick files from local directory(NFS). Do I use the same concept. But what will be the address then?

      Regards,

      Vaishali

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello

      this is not supported with the sftp adapter.

      Best regards,

      Mandy

      Author's profile photo Vaishali Rani
      Vaishali Rani

      Hi Mandy,

      Thanks for your reply. Would you know how we can pick files from on prem directory in CPI. In PO 7.5 it is using NFS.

      I assumed we could follow the same approch to connect to system on prem and fetch file using SFTP adapter.

      Regards,

      Vaishali

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      in PO this can be done using the file adapter, the sftp adapter cannot access NFS on-prem file shares. This is not possible with CPI, you need to use an sftp server.

      Best regards,

      Mandy

      Author's profile photo Harsha Gaonkar
      Harsha Gaonkar

      Hi Mandy

       

      SFTP is installed on S4 HANA and Cloud connector is installed on S4 HANA.

      I did Virtual host mapping on cloud connector then I use Virtual host in SFTP Receiver adapter.

      I used Virtual host name-ssh-rsa - <Public key> in KNOWN_HOST file

      My Proxy type is "ON PREMISE" and I am using Authentication as UserName/password ,

      Still I am getting Error

      HostKey has been changed

      Please help

      is issue that SFTP  on S4 HANA?

      Thanks

      Harsha

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      it’s hard to analyze with having only these details. In general the configuration you described should be sufficient. What does the Connectivity Test tell you? Maybe the known hosts file does not really contain the correct host key?

      The error means that there is an entry for this host in the known hosts file, but the host key does not fit to the one provided by the server.

      Please do the connectivity test with the virtual host name you also use in the cloud connector. And add the host key returned in the known host file with virtual host name.

      Maybe someone changed the configuration in the cloud connector and the real host now points to a different host? Or there is another Cloud Connector with another location ID using the same virtual host? The virtual host needs to be unique across location IDs.

      This should work.

      Best regards,

      Mandy

      Author's profile photo Harsha Gaonkar
      Harsha Gaonkar

      Hi

      Thanks a lot Mandy.

      You are incredible.

       

      S4 HANA SFTP team give me public key. I was using that in Known_Host file.

      after you suggestion, I use connectivity test and copy host key from Connectivity test.

      I used that In Known_host file.

      It is working now.

       

      Thanks

      Harsha

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Thank you for the info. I'm happy that it works now 🙂

      Author's profile photo Gilles Vieli
      Gilles Vieli

      Dear Mandy,

      It seems you're the best person to which to ask the following : is there a way to connect SMB/CIFS  shares, from C/4 Cloud to an on-premises Windows server. I've the feeling the answer will be no, but I keep my fingers crossed 😉 And if not, is such a function in the SCC development pipeline ?

      Thanks in advance for youur precious help

       

      Gilles

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hi,

      sorry, but I do not understand how this is related to CPI? Maybe you could give some more context on the part of CPI in such a scenario? In CPI there is no adapter to connect via SMB/CIFS to Windows servers.

      BR

      Mandy

      Author's profile photo Pavan G
      Pavan G

      Hi Mandy,

      Thanks for the detailed blog.

      I am trying to deploy the known_hosts file to my CPI tenant to establish the connection between SFTP and CPI.

      But I am getting the below error:

      “Deploy artifact failed with error: You are not authorized to perform this operation”

      I am having the admin roles.

      Please let me know if I am missing anything.

      Regards,

      Pavan

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      As the message indicates you have no authorization to deploy security artifacts. You need tenant administrator rights for deploying security artifacts.

      Best regards,

      Mandy

       

      Author's profile photo Pavan G
      Pavan G

      Thanks, Mandy

      I have assigned the roles to my S-User and I am able to deploy the known_hosts file now.

       

      Regards,

      Pavan

      Author's profile photo Pushkar Patel
      Pushkar Patel

      Hi Mandy,

      Thanks for sharing this.

      Is there any option to connect to NFS  from CPI via Cloud Connector ?

      Thanks,
      Pushkar

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      No, this is not possible with the sftp adapter.

      Author's profile photo Pushkar Patel
      Pushkar Patel

      Thanks Mandy for your reply, do you think it can be a possibility with future release ?

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      It's currently not on the roadmap. But if there are multiple customer requests into this direction we will for sure evaluate the request further.

      Best regards,

      Mandy

      Author's profile photo Siva Po
      Siva Po

      Hi Mandy,

      If I need to connect to SFTP Server through Internet (not cloud connector On-Premise), do I need to  Create a OSS note to SAP OPS team to whitelist the SFTP Server IP address ?

      Asking since I am getting "socket is not established" exception while testing the connectivity from CPI.  I have maintained known_host file correctly.

      Thanks.

       

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      you need to open the ports in your firewall to allow connection to your sftp server. The sftp server needs to be accessible from internet. See: https://help.sap.com/viewer/ea72206b834e4ace9cd834feed6c0e09/Cloud/en-US/d722f7cea9ec408b85db4c3dcba07b52.html

      BR,

      Mandy

      Author's profile photo Ameer Khan
      Ameer Khan

      Hi Mandy,

       

      Thanks for the valuable blog.

      I have a scenario where the requirement is to place a file in a local folder in S4 HANA via CPI.

      I understand we cannot do it by using ftp/nfs in CPI.

      Can you suggest if there is an option to place a file in S4 HANA folder by using CPI.

       

      Thanks in advance.

       

      Best Regards,
      Ameer

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      in CPI there is no file/nfs adapter. You need a sftp or after the T5 upgrade a ftp adapter that can put files to sftp or ftp servers. From there you may have some file move tool running that puts the file to the S/4 local folder.

      BR

      Mandy

      Author's profile photo Shoukat Ali
      Shoukat Ali

      Mandy Krimmel we get the following error when try to connect to on premise sftp from cloud connector:

      com.jcraft.jsch.JSchException: ProxySOCKS5: java.net.SocketTimeoutException.
      in the cloud connector, mapping virtual to internal host is present. is there any firewall or port to be opened?
      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      this error comes from the Cloud Connector. Please re-check the configuration in the sftp channel and the virtual host mapping in the Cloud Connector. And check that the known host entry for the key is maintained with the server configured in the sftp channel.

      Furthermore please check in the Cloud Connector logs.

      Best regards

      Mandy

      Author's profile photo Shoukat Ali
      Shoukat Ali

      in the cloud connector, at mapping level check it is not reachable. in the cloud connector log there is timeout exception.

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      then the sftp server seems not reachable from where the Cloud Connector is installed?

      BR

      mandy

      Author's profile photo Shoukat Ali
      Shoukat Ali

      Yes, it's not reachable from cloud connector. Is it firewall or white listing issue?

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      As this is all installed in the on-prem landscape you should know if there is a firewall between the CC and the sftp server and what to configure that the connection can be established. Maybe you consult with your network administrator?

      BR

      Mandy

      Author's profile photo Naresh Dasika
      Naresh Dasika

      Hello Mandy,

      AS-IS Interface on SAP PO is:

      Concur SFTP --> (SFTP Sender channel) --> SAP PO -> (File/NFS channel) SAP ECC directory (AL11)

      As part of SAP PO to SAP CPI migration, we have to move this Integration from SAP PO to CPI.

      Hence looking to establish a connection from SAP CPI to SAP SCC to SAP ECC (AL11).

      Since there is no NFS/File adapter available in CPI adapters list, how can we move forward here? Moving the file to SFTP and setting up another job to move the file from SFTP to ECC AL11 doesn't look good here as it has many hops. File/NFS adapter is pretty much required for the customers who migrate their interfaces from SAP PO to SAP CPI. It would be really helpful If SAP can get this adapter at the earliest.

       

      Regards,

      Naresh Dasika

       

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      in Cloud Integration there is no File Adapter planned at the moment. The adapters for file transfer are sftp and ftp, because the file adapter is nothing that works in the cloud.

      If you want to move such scenarios using file transfer you need to adjust the scenario.

      Best regards

      Mandy

      Author's profile photo Naresh Dasika
      Naresh Dasika

      Submitted an Improvement Idea for File adapter in SAP CPI.

      https://influence.sap.com/sap/ino/#/idea/262010/?section=sectionVotes

       

      Author's profile photo Toni Cunill
      Toni Cunill

      Very good link

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hi

      this error sounds like the hostname in your channel does not match the virtual host in the cloud connector configuration.

      Best regards

      Mandy

      Author's profile photo Yeswanth Posam
      Yeswanth Posam

      Hi Mandy,

      I am unable to add known host file in security material. I have copied the Host key for Host and port configured in cloud connector but unable to add key in known host file.

      Please find the screenshots below.

      Virtual Host and port as configured in CC

      Connectivity%20Test

      Copied the key and pasted it in Notepad and uploaded it in Security Material --> known hosts

      known_hosts

      known_hosts

      Error when uploaded in Security Material

      Connectivity Test

      Is it validating host used as Virtual Host in Cloud connector? If so, what should be configured in known_hosts file.

       

      Regards,

      Yeswanth

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Looks like the format of the known hosts file is wrong, please check that it really is having following format:

      ld2345.wdf.sap.corp ssh-rsa AAAAB3NzaC1yc2EAAAo………2pOx2ADnZ1WwtjW48=

      Whereas the server name needs to be the virtual host name entered in the sftp channel.

      BR

      Mandy

      Author's profile photo Yeswanth Posam
      Yeswanth Posam

      Hi Mandy,

      I have configured below details in SFTP sender channel.

      Address = Hostname:Port (virtual_sftp:450)

      SFTP%20channel%20Configuration

      SFTP channel Configuration

      I tried uploading known hosts files in below 2 formats.

      Hostname:Port as configured in Sender channel (copied and pasted the host key from Connectivity Test tab)

      Modified file with only Hostname(i.e. server name) as per host key file structure

      but I am getting same error as below for 2 files

      and I assume Iflow could not be deployed because of known hosts file issue as per below issue while deployment

      deployment%20issue

      deployment issue

      Regards,

      Yeswanth

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Could you please change your virtual host name to something without underscore. The underscore is the problematic character. See:

      https://en.wikipedia.org/wiki/Hostname#Syntax

      Note that you will then also have to change it in Cloud Connector and in sftp channel.

      Best regards

      Mandy

      Author's profile photo Shiveta Pandita
      Shiveta Pandita

      Hi Yeswanth,

       

      Your scenario seems pretty much like mine, I just have a query, I am getting the below error after creating the cloud-on premise system mapping and hence the connectivity test ping from CPI is also not successful.

      Any help would be appreciated.

       

      Regards,

      Shiveta

      Author's profile photo Yeswanth Posam
      Yeswanth Posam

      Hi Shiveta,

      I tried by removing "_" in Virtual host as Mandy stated above but at Cloud connector level "_" does not matter. Please check by removing "_" and also try deleting mapping and create again as status is "Not Reachable".

       

      Regards,

      Yeswanth

      Author's profile photo Yeswanth Posam
      Yeswanth Posam

      Thanks Mandy,

      I am able to pick file from on-premise sftp server now after removing "_".

       

      Regards,

      Yeswanth

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Thanks for confirming 🙂

      Author's profile photo Shiveta Pandita
      Shiveta Pandita

      Hi Mandy,

       

      I have the exact scenario(S4 on premise -> CPI -> cloud application) in my project, but we are struggling at the "Connectivity Test" step in CPI. I have done all the configurations in CPI & cloud connector but still not able to generate the "known_hosts" file in CPI, getting the below error.

      Any idea what might be the issue? also is there any other way to generate the known_hosts file?

       

      Thanks in advance.

       

      Shiveta

      Author's profile photo Yeswanth Posam
      Yeswanth Posam

      Hi Shiveta,

      I think Cloud connector is not required for S4 on-prem --> CPI(required only for CPI --> S4 on-prem) connectivity and known hosts file is only for integrating CPI with SFTP server.

      If SFTP adapter with on-prem server is on sender or receiver side is used, then Cloud connector is mandatory(as CPI needs to pick/drop file in SFTP server folder).

       

      Regards,

      Yeswanth

      Author's profile photo Shiveta Pandita
      Shiveta Pandita

      Hi Yaswanth,

       

      That's absolutely true, and we won't be using the cloud connector for any outbound SFTP interface from S4 to CPI. The issue we have is the generation of "known_hosts" file which we are not able to generate.

      We have tried pinging S4 SFTP host and as well as cloud connector (virtual host) from CPI's test connectivity tab  but neither of these connections have been yet successful.

      Regards,

      Shiveta

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      still struggling to understand the problem. you are trying to connect to a sftp server from CPI?

      What do you mean by generate known_hosts file? This file is not generated, this file is usually created by the admin and contains all connected sftp hosts with their public keys.

      Known Hosts File - SAP Help Portal

      Did you create the known hosts file and deploy it in the cloud integration tenant?

      BR

      Mandy

      Author's profile photo Barath Vivekanandan
      Barath Vivekanandan

      Hi Mandy,

      I'm trying to connect single On-Premise system as both sender and receiver to test the transmission of file using SFTP adapter.

      1. Cloud connector is reachable and deployed perfectly.
      2. Connectivity test has been done successfully.
      3. Directories test has been done successfully, that we can able to access the directories we need.

      I deployed the iFlow perfectly and the status is started. But the file didn't move to the target path which was configured in the receiver point.

      Is there anything that needs to be setup?

       

      Thanks,

      Barath V

       

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hello,

      what is the error you see in the message processing log?

      BR

      Mandy

      Author's profile photo Dinesh M
      Dinesh M

      Hi Mandy,

      I exposed one of my folder in system , The root directory is as below

      G:\SFTP\data

      Root Folder: data

      When I mention the root path exactly( as given above) in CPI, it throws error as invalid so I changed backward slash to forward slash. Now, flow is deployed but the data transfer is not happening

      Any idea what could be the issue?

      (I tried by giving only root folder path as well instead of full path but even in that case data transfer is not happening )

      Thanks,

      Dinesh

      Author's profile photo Mandy Krimmel
      Mandy Krimmel
      Blog Post Author

      Hi Dinesh,

      please note that this is an SFTP Adapter, not a file adapter. It picks files from sftp servers, not from your local system. You need to offer the files on an sftp server that can be connected via SSH. Please use the SSH connectivity test to test this connectivity.

      Best regards

      Mandy

      Author's profile photo Dinesh M
      Dinesh M

      Hi Mandy,

      I used an external app to expose my folders. I fixed the issue

      Directory path I haven't provided properly.

      Thanks,

      Dinesh