Hello Experts,
Giving you the background , we have imported and configured interface content of ACF (Altinn Connection Framework) provided by SAP (service market place). which will basically integrate SAP HR system with Altinn (Norwegian TaX system). Sync Message will be always sent from HR system to PI and which will be sent to Altinn system via Receiver SOAP Adapter (as webservice call). The target URL of Altinn will be https:// eg https://www.altinn.no/AuthenticationExternal/SystemAuthentication.svc
its working as expected BUT * without importing any certificate of Altinn in PI STRUSTor J2EE engine’s keystore. And Also we have not enabled HTTPS in PI.
My Question is on Security of the message flow.
* Since we are passing the message from PI (which is not HTTPS enabled) to Atinn System by calling Target HTTPS Webservice, whether this message is Secure ? if its secure how we can prove i ?
my doubt is as per the link help.sap link-HTTP and SSL it says "Both parties of an HTTP connection (that is, the HTTPS client and the HTTPS server) must be technically enabled."
but without enable the HTTPS in PI its working.
* we tried enabling the HTTPS in PI as per help.sap link-HTTP and SSL , but no were in the Trace which shows the message was sent from HTTPS port of PI to the target URL . if you know where I can find the trace of it ?
Regarding,
Danab.