My Oracle Support Banner

HTTPCertSerialNo Is Not Applied To Outbound SOAP Call (Doc ID 2441141.1)

Last updated on FEBRUARY 03, 2019

Applies to:

Siebel CRM - Version 18.5 and later
Information in this document applies to any platform.

Goal

 

IP17 architecture, outbound HTTPS SOAP calls are routed to the tomcat. In order to enforce the selection of a defined certificate from the keystore, we set the HTTPCertSerialNo argument. Note that we don't call the EAI HTTP transport directly, but it is called via invoking a proxy business service:

 

psIn.SetProperty("siebel_transport_param:HTTPCertSerialNo", HTTPCertSerialNo);

psIn.SetProperty("siebel_transport_param:HTTPCertAuthority", HTTPCertAuthority);

 

var proxyBS:Service = TheApplication().GetService(ServiceName.valueOf());

proxyBS.InvokeMethod(ServiceMethod.valueOf(), psIn, psOut);

 

The problem is that I have one KEYSTORE containing both the server certificate and the client certificate of the outbound call. Both are signed against the same CA and thus the SSL key manager can use either of the certificates for the outbound call. The server receiving the outbound call however checks the CN name of the certificate. It only accepts the client certificate, but not the server certificate. Therefore, we need a way of specifying the certificate serialno.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.