Invoke Salesforce (SFDC) services from
Oracle SOA BPEL
If you face below exception while
invoking sales force services in BPEL, one of the probable reasons
could be because of unavailability of the required sales force/SFDC
certificates in Oracle SOA server.
Error:
<summary>
oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): https://login.salesforce.com/services/Soap/c/28.0
</summary>
<detail>
Unable to access the following endpoint(s): https://login.salesforce.com/services/Soap/c/28.0
</detail>
oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): https://login.salesforce.com/services/Soap/c/28.0
</summary>
<detail>
Unable to access the following endpoint(s): https://login.salesforce.com/services/Soap/c/28.0
</detail>
To resolve this, follow the below
steps.
1) Download certificates by visiting
the URL https://login.salesforce.com
through any browser
Note:
In firefox, you can see a lock symbol
in front of the URL. Click on it, a dialog will open, download the
certificates from here.
2) Copy this certificate
file(login.salesforce.com) to the machine where your soa server is
running. I would suggest to copy the certificate file to
JAVA_HOME/jre/lib/security.
3) Import certificates to Java trusted
CA certs file (cacerts).
Note:
cacerts file will be available in
your JAVA_HOME/jre/lib/security.
If you have many JDK versions
installed and not sure about which one is your SOA server using, then you can find it in setDomainEnv.sh/setDomainEnv.cmd file.
4) Run the below command to import the
certificate to cacerts file
Change the directory to JAVA_HOME/jre/lib/security
Command to import certificates
$keytool -import -alias login.salesforce.com -keystore cacerts -trustcacerts -file login.salesforce.com
If you face below error
while running the keytool command
$ keytool error: gnu.javax.crypto.keyring.MalformedKeyringException: incorrect magic
$ keytool error: gnu.javax.crypto.keyring.MalformedKeyringException: incorrect magic
The error is because you may have more than one version of keytool running in your machine, with the help of locate command in unix/linux, identify the directories where keytool is installed.
$ locate keytool
Then modify the command with the
absolute path to “keytool” as shown below,
$/u01/app/jdk16u/jdk1.6.0_20_org/bin/keytool
-import -alias login.salesforce.com -keystore cacerts -trustcacerts
-file login.salesforce.com
5) Modify the
setDomainEnv.sh/setDomainEnv.cmd file to remove the DemoTrust.jks
entry in Java Options. This will ensure that certificate that we
imported into cacerts will be used as keystore.
6) Restart both admin and soa managed
server
7) Make sure that the machine where soa
server is available is able to reach login.salesforce.com. Use the
ping command to know whether it is reachable. If you are not able to
reach then, add an entry to the hosts file in /etc directory (in
linux/unix)
8) Test the BPEL service which invokes
SFDC service.
I hope this explains you in detail on
how to import salesforce or SFDC certificates which helps the Oracle
SOA services to successfully invoke SFDC services without facing
security exceptions.
No comments:
Post a Comment