SAP S/4HANA SSL Auth Account

In this article

Overview

Use this account type to connect the SAP S/4HANA Snaps to SAP S/4HANA On-Premise instance using SSL-based authentication.

Prerequisites

  • Valid gateway system (which includes Host, Port, Client, Logon Language, Path prefix, and Service collection URL).
  • Valid certificates (Key store, Trust store, Key/Trust store password, and Key alias)

Limitations and Known Issues

None.

Account Settings


ParameterData TypeDescriptionDefault ValueExample 

Label

String

Unique name for the account.

N/A

SAPS4HANA_SSL_Auth_Acc

User Id

String

Required. The user name to connect to the SAP S/4HANA On-Premise server.

N/A

newaccountuser

Passphrase

String

Required. The password of the entered user name to connect to the SAP S/4HANA On-Premise server.

N/A

z00md0g!pack@Heavy/

Host

String

Required. The host server name of SAP S/4HANA On-Premise server.

N/A

newhost.example.com

Port


String

Required. The port of SAP S/4HANA On-Premise server.

N/A

35004

Client

String

Required. The client id of the SAP S/4HANA On-Premise server to which the user has access to.

N/A

100

Logon Language

String

Required. The logon language for specified Application Server.

N/A

EN

Path prefixString

Required. The prefix of the gateway endpoint path. Path prefix specifies a text element to add to the start of the URL used for connections to the service. Path prefix is used to build a Catalog URL and fetch associated service collection.

Syntax

http(s)://<host>:<port>/<Path prefix>

/sap/opu/odata

/sap/opu/odata

Service collection URL

String

Required. The service collection URL of the gateway endpoint path. Service collection URL specifies the relative path from where the catalog service is retrieved. Also, specify the sap-client following the URL.

/iwfnd/catalogservice/ServiceCollection

/iwfnd/catalogservice/ServiceCollection

Key store

String

Required. The location of the key store file. It can be in the SLDB or any other unauthenticated endpoint such as https://... 

N/A

https://example.com/keystore_path/file.p12

Trust storeStringRequired. The location of the trust store file. It can be in the SLDB or any other unauthenticated endpoint such as https://... N/Ahttps://example.com/truststore_path/file.jks
Key/Trust store passwordStringRequired. Password for key/trust store. It is used for both, Key store and Trust store, if both are defined.N/Az00mD0g!/
Key aliasStringRequired. The alias for the Key/Trust store password.N/A0017017439

Troubleshooting

ErrorReasonResolution

 IO/Error Cause: File not found on at
<---  path --->.

The file path entered is incorrect. Ensure that the file path is correct.
IO/Error Failed to decrypt safe contents
entry: javax.crypto.BadPaddingException: Given final block not properly padded.
Key store password is incorrect. Such issues can arise if an incorrect key is used during decryption.
  • Ensure that the files (key store or trust store) exist and are readable.
  • Ensure that you enter the correct password.
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target.
Valid certification path to requested target is not found.
  • Verify that your key/trust store format is correct (JKS, JCEKS, and PKCS12 are supported).
  • Verify that the uploaded key/trust store files are correct .
  • Ensure that the files (key store or trust store) exist and are readable.
IO/Error Cause: toDerInputStream rejects tag type <--- type number --->.toDerInputStream rejects tag type <--- type number --->, the input file is rejected.
  • Verify that your key/trust store format is correct (JKS, JCEKS, and PKCS12 are supported).
  • Verify if the uploaded key/trust store files are correct.
  • Ensure that the files (key store or trust store) exist and are readable.
Detect premature EOF.The file is empty.
  • Ensure that the files (key store or trust store) exist and are readable.

Additional Information

SAP Gateway

SAP Gateway, an integral part of SAP NetWeaver, lets you connect devices, environments, and platforms to SAP systems. It uses the Open Data Protocol (OData) so you can use any programming language or model to connect to SAP and non-SAP applications. SAP S/4HANA uses SAP Gateway and OData services to bring business data to compelling SAP Fiori apps. Snaps in the SAP S/4HANA Snap Pack use an SAP Gateway URL to access the S/4HANA services.

SAP S/4HANA Gateway URL
Formathttp(s)://<host>:<port>/<Path Prefix>/<Service collection URL>? sap-client=<Client Entry Number>&sap-language=<Logon Language>
Examplehttps://s4hana.example.com:44300/sap/opu/odata/iwfnd/catalogservice/ServiceCollection?sap-client=100&sap-language=EN

SSL Connection

SAP S/4HANA allows users to access the SAP gateway and APIs using X509 certificate authentication. To implement this certificate-based authentication (SSL), you need to upload the key/trust store files on your SnapLogic tenant and configure this account accordingly. Refer the following resources for more details about the SAP security and SAP SSL certificate settings.

Snap Pack History

 Click here to expand...
Release Snap Pack VersionDateType  Updates
4.29main108 StableUpgraded with the latest SnapLogic Platform release.
4.28main100 StableUpgraded with the latest SnapLogic Platform release.
4.27 Patchmain95 Latest
  • Enhanced the SAP S/4 HANA Snaps to support sub-entities and pagination support.

  • Removed unnecessary datatype conversions.

  • Reduced metadata request volume.

  • Fixed issues in concurrency exception and potential Snap crashes.

4.27main93 StableUpgraded with the latest SnapLogic Platform release.
4.26main88 StableUpgraded with the latest SnapLogic Platform release.
4.25main73
 
StableUpgraded with the latest SnapLogic Platform release.
4.24main73
StableUpgraded with the latest SnapLogic Platform release.
4.23main7430
 
Stable

Enhances the Snap Pack to handle batch and custom query operations:

  • Introduces the SAP S/4HANA Batch Read Snap that enables retrieving batches of records from an SAP S/4HANA On-Premise instance.
  • Introduces the SAP S/4HANA Batch Write Snap that enables writing batches of records to an SAP S/4HANA On-Premise instance.
  • Introduces the SAP S/4HANA Read Custom Query Snap that enables retrieving multiple records from an SAP S/4HANA On-Premise instance, based on custom queries.
  • Introduces the SAP S/4HANA SSL Auth Account type to enable SSL-based authentication on an SAP S/4HANA On-Premise instance.
  • Adds the Count field to the SAP S/4HANA Read Snap to allow returning the total number of records retrieved.
4.22 Patch 422patches6973 Latest

Enhances the SAP S/4HANA Snap Pack with the following additions:

4.22main6403
 
StableUpgraded with the latest SnapLogic Platform release.
4.21snapsmrc542

 

StableInitial release.


See Also