SAP Knowledge Base Article - Public

3368231 - The Communication Arrangement with certificate fails with an error message "HTTP/1.1 401 Unauthorized" (Eg: Postman)


User receives an error authentication failure of "HTTP/1.1 401 Unauthorized" when using a certificate for soap-webservices. Error occurs when using 3rd party Integration tool (For example: Orchestra-Middleware, SOAP-UI, Postman and Javascript-Program)


SAP Business ByDesign

Reproducing the Issue

Option 1: Error in Business ByDesign

  1. Go to Application and User Management Workceter
  2. Go to Communication Arrangement view
  3. Select 'Communication Scenario': ABC
  4. Select Edit
  5. Navigate to Technical Data tab
  6. Select Edit Credentials
  7. Navigate to the Certificate tab
  8. Select Create and Download Key Pair
  9. Enter in password

Observe an error message:

Error outputting keys and certificates

40C7579A457F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (RC2-40-CBC : 0), Properties () 


Option 2: Error in Postman

Use 3rd party integration tool (e.g. SOAPUI/Postman)

Observe an error message: 

HTTP/1.1 401 Unauthorized

content-type: text/html; charset=utf-8

sap-system: XYZ

www-authenticate: Bask realm=“SAP NetWeaver Application Server (XYZ/ABC](alias)*

strict-transport-security: max-age=31536000; indudeSubDomains

set-cookie: sap-usercontext=sapdient=ABC; path=/;HttpOnly;Secure

<html> <head><title>Logon Error Message</title><META http-equiv=“Content-Type* content=*text/html;charset=UTF-8" >< style type=“text/css*>body

Where XYZ is the System ID and ABC is Tenant ID


The user has not properly maintained authorization and certificate details in the third-party integration tool (for example, Postman).


To overcome the error, the user must verify and check to see if the certificate has been properly uploaded to the postman settings.

Please follow the procedures below to check in Postman:

  1. Go to Settings
  2. Navigate to the Settings tab
  3. Navigate to the Certificate
  4. Choose 'Add Cert'
  5. Select the pfx file and add the certificate
  6. Enter the Host and Passphrase

 Once completed, verify to ensure that all relevant details are present in the Header tab and test to see whether everything works.


HTTP/1.1 401 Unauthorized, Communication Arrangement, Postman, SOAPUI, Certificate , KBA , AP-RC-CEC-B2B , ByD On-Demand Cloud-Process Integration B2B , Problem


SAP Business ByDesign all versions