Symptom
You get the error 'The Certificate is Already Assigned to User _ABCXYZ (_ABCXYZ represents the communication user ID) when trying to upload the HCI client certificate in the inbound communication arrangements.
Environment
- SAP Hybris Cloud for Customer, all versions.
- Hana Cloud Integration, all versions.
Reproducing the Issue
- Go to the Administrator work centre.
- Go to the General Settings View.
- Click on the Communication Arrangements hyperlink under the Integration section.
- Select and open the relevant inbound Communication Arrangement.
- Click on View All.
- Click on Technical Data.
- The Authentication Method would be SSL Client Certificate.
- User ID: _DEFXYZ (_DEFXYZ represents the second communication user ID).
- Click on the button: Edit Credentials.
- Select the Certificate tab.
- Click on the button Upload Certificate.
- Browse and select the HCI client certificate.
- When uploading you get the error: 'Certificate is Already Assigned to User _ABCXYZ'.
Cause
The error is expected system behaviour because the HCI client certificate is already mapped to the communication user _ABCXYZ and cannot be assigned to _DEFXYZ.
To check the certificate mapping, please follow the below steps:
- Go to the Administrator work centre.
- Then select the Communication Certificates View.
Here you will see that the certificate is already mapped to the communication user _ABCXYZ.
The issue is encountered when you want to connect or integrate multiple external systems with Cloud For Customer system as only one HCI client certificate is offered to customers when getting your HCI tenant.
Resolution
If you need to connect more than one system you need to follow the steps below:
- Go to the Administrator work centre.
- Go to the General Settings View.
- Click on the Communication Arrangements hyperlink under the Integration section.
- Select and open the relevant inbound Communication Arrangement.
- Click on View All.
- Click on Technical Data.
- The Authentication Method would be SSL Client Certificate.
- User ID: _DEFXYZ.
- Click on the button: Edit Credentials.
- Select the Certificate Tab.
- Click on Download and Create Key Pair.
After creating and downloading the key pair which will be in .p12 format you need to upload this in your HCI keystore using Keystore explorer.
- Open Keystore explorer.
- Select Create a Keystore.
- Select JKS.
- On the Menu click on Import Keypair.
- Browse to the downloaded Key Pair and input the password you maintained when downloading the keypair from C4C.
- Maintain an alias name and click on OK.
- Maintain a new password for the Key pair.
- Click on File and then Save As.
- Save the file as name.jks.
- Go to HCI Web UI.
- Go to the Monitor (Operations View).
- Section Manage Security and choose Keystore.
- Click on Add then browse to the name.jks file, in Paraphrase input the password you maintained when saving the .jks file.
.
- After saving you will see the message:
- Now, in the iflows related to the second system you need to specify this certificate Alias in Eclipse as follows:
See Also
Keywords
Communication User, HCI, Hana Cloud Integration, Keystore Explorer, Key Pair, Certificate, Eclipse, Assigned , KBA , LOD-CRM-INT-ERP , Integration of C4C with ERP , How To