Symptom
You are sending data from Cloud for Customer to SAP ERP/CRM/S4H via Cloud Platform Integration(CPI) and the message fails in C4C with error HTTP 403 or 401 (Forbidden/Unauthorized).
Environment
- SAP Cloud for Customer
- Cloud Platform Integration
Reproducing the Issue
- Login to C4C.
- Go to Webservice Message Monitoring.
- Check the failed outgoing message with error "HTTP 500 Internal Server Error" or 401 (Unauthorized).
- Navigate to error log, you will see: HTTP Code: 403 or 401 ( ) - An internal error occurred during message processing.
Cause
The C4C Client (M) certificate has been renewed and/or the Root and Intermediate certificates of the C4C client certificate (M) are not available in the CPI keystore.
Resolution
- In case you were not informed about the C4C certiifcate renew, please follow the steps outlined in the KBA 2585332 - Tenant Certificate Renewal for SAP Cloud for Customer.
- Download the renewed client Certificate(M-User certificate) from C4C Work Center: Administrator → Communication Certificates → Download Tenant Certificate.
- Upload the renewed C4C client certificate in the CPI as mentioned in our blog: How to Setup Secure HTTP Inbound Connection with Client Certificates / Cloud Integration on CF - How to Setup Secure HTTP Inbound Connection with Client Certificates.
- Add the attached certificates (SAP Cloud Root CA) to the CPI keystore.
See Also
Online Help page: SAP Cloud Platform Integration
Keywords
CPI CERTIFICATE C4C HTTP 403 401 500 , KBA , LOD-C4C-NET , Network Connectivity and Certificates , How To
Product
SAP Cloud for Customer core applications 2102
Attachments
C4C_root-certificate.zip |