search

SAP / cloud-sdk-js

Use the SAP Cloud SDK for JavaScript / TypeScript to reduce development effort when building applications on SAP Business Technology Platform that communicate with SAP solutions and services such as SAP S/4HANA Cloud, SAP SuccessFactors, and many others.
Apache License 2.0
162 stars 56 forks source link

Support more keystore types - PEM #4440

Closed DobrinTs closed 8 months ago

DobrinTs commented 8 months ago

Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] I am part of the SAP BTP's Unified customer landscape integrations team. In short our service allows customer's to automate their connectivity between a BTP account and their SuccessFactors/S4Hana tenant. For some authentications however we still do not have automatisation but we have provided customers with a documentation of how they can setup the connectivity manually, e.g. https://help.sap.com/docs/btp/sap-business-technology-platform/using-mutual-transport-layer-security-mtls?version=Cloud#loioe90cafcd92a54d1cba7d7fa049f674fa. In this page we describe mTLS authentication to SuccessFactors and we have documented it with PEM type keystore from Destination service.

A client of ours followed that but then tried to consume the destination through a JavaScript application developed with Cloud SDK and got the error "The format of the provided certificate 'SF_Integration.pem' is not supported. Supported formats are: p12, pfx."

I was able to find this in your implementation at https://github.com/SAP/cloud-sdk-js/blob/4cd9019aa366d19ba6617910828efcacb40f90de/packages/connectivity/src/http-agent/http-agent.ts#L205. Is it possible to allow further keystore types like PEM and JKS or if not the atleast provide a better error message for PEM type similar to how you have done this for JKS keystores - https://github.com/SAP/cloud-sdk-js/blob/4cd9019aa366d19ba6617910828efcacb40f90de/packages/connectivity/src/http-agent/http-agent.ts#L235

Describe the solution you'd like Support for PEM type keystore

Describe alternatives you've considered Clear error message with conversion instructions like with JKS

Impact / Priority

We will take steps to update our documentation with instructions for P12, as well as the existing ones for PEM, but it would be great for customers if they could use PEM directly, because even if they use P12 they will still need to extract the certificate from it in PEM format to then be able to allowlist it in their SuccessFactors tenant.

Additional context Add any other context or screenshots about the feature request here.

mr-flannery commented 8 months ago

Hi @DobrinTs , we've discussed this and put it into our backlog. We're planning to work on it soon.

marikaner commented 8 months ago

Hey @DobrinTs, this feature has been implemented here and will be released with the next version of SAP Cloud SDK for JS. Feel free to try out the latest canary version until then.