Use the SAP Cloud SDK for JavaScript / TypeScript to reduce development effort when building applications on SAP Business Technology Platform that communicate with SAP solutions and services such as SAP S/4HANA Cloud, SAP SuccessFactors, and many others.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
I am part of the SAP BTP's Unified customer landscape integrations team. In short our service allows customer's to automate their connectivity between a BTP account and their SuccessFactors/S4Hana tenant. For some authentications however we still do not have automatisation but we have provided customers with a documentation of how they can setup the connectivity manually, e.g. https://help.sap.com/docs/btp/sap-business-technology-platform/using-mutual-transport-layer-security-mtls?version=Cloud#loioe90cafcd92a54d1cba7d7fa049f674fa. In this page we describe mTLS authentication to SuccessFactors and we have documented it with PEM type keystore from Destination service.
A client of ours followed that but then tried to consume the destination through a JavaScript application developed with Cloud SDK and got the error "The format of the provided certificate 'SF_Integration.pem' is not supported. Supported formats are: p12, pfx."
Describe the solution you'd like
Support for PEM type keystore
Describe alternatives you've considered
Clear error message with conversion instructions like with JKS
Impact / Priority
We will take steps to update our documentation with instructions for P12, as well as the existing ones for PEM, but it would be great for customers if they could use PEM directly, because even if they use P12 they will still need to extract the certificate from it in PEM format to then be able to allowlist it in their SuccessFactors tenant.
Additional context
Add any other context or screenshots about the feature request here.
Hey @DobrinTs, this feature has been implemented here and will be released with the next version of SAP Cloud SDK for JS. Feel free to try out the latest canary version until then.
Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] I am part of the SAP BTP's Unified customer landscape integrations team. In short our service allows customer's to automate their connectivity between a BTP account and their SuccessFactors/S4Hana tenant. For some authentications however we still do not have automatisation but we have provided customers with a documentation of how they can setup the connectivity manually, e.g. https://help.sap.com/docs/btp/sap-business-technology-platform/using-mutual-transport-layer-security-mtls?version=Cloud#loioe90cafcd92a54d1cba7d7fa049f674fa. In this page we describe mTLS authentication to SuccessFactors and we have documented it with PEM type keystore from Destination service.
A client of ours followed that but then tried to consume the destination through a JavaScript application developed with Cloud SDK and got the error "The format of the provided certificate 'SF_Integration.pem' is not supported. Supported formats are: p12, pfx."
I was able to find this in your implementation at https://github.com/SAP/cloud-sdk-js/blob/4cd9019aa366d19ba6617910828efcacb40f90de/packages/connectivity/src/http-agent/http-agent.ts#L205. Is it possible to allow further keystore types like PEM and JKS or if not the atleast provide a better error message for PEM type similar to how you have done this for JKS keystores - https://github.com/SAP/cloud-sdk-js/blob/4cd9019aa366d19ba6617910828efcacb40f90de/packages/connectivity/src/http-agent/http-agent.ts#L235
Describe the solution you'd like Support for PEM type keystore
Describe alternatives you've considered Clear error message with conversion instructions like with JKS
Impact / Priority
We will take steps to update our documentation with instructions for P12, as well as the existing ones for PEM, but it would be great for customers if they could use PEM directly, because even if they use P12 they will still need to extract the certificate from it in PEM format to then be able to allowlist it in their SuccessFactors tenant.
Additional context Add any other context or screenshots about the feature request here.