Sonam, Ariba does a certificate validity check. If the Issued To" field doesnt match your URL domain ie. your ip
address, the certificate generated is rejected by Ariba.
And the error page generated is not page cannot be displayed, it is "The XML page cannot be displayed "
> Sonam, Ariba does a certificate validity check. If the Issued To"
> field doesnt match your URL domain ie. your ip
> address, the certificate generated is rejected by Ariba.
You’re right - I dug around a bit, and found this Ariba notice from March about migrating the remaining HTTP customers to HTTPS by June.
It looks like Ariba requires the Certificate Common Name (the “CN” portion in the WM certs web admin screen) to be the server DNS name. That’s how we have it here anyway.
Ariba seem to not accept IP addresses though, so I am not sure what you mean by “URL domain/IP address”.
Event ID: 172045 - Ariba Supplier Network Notice of Migration to HTTPS
Ariba strongly recommends certificates that support 128-bit encryption
(common encryption strengths are 40, 56 and 128 bits). The domain name
in the certificate must be identical to the name you enter in the
Configuration area of your Ariba SN account or the name contained in
your cXML profile response. You cannot provide IP addresses in the
Configuration area of your Ariba SN account. Certificate names are not
dependent on the Web server port, so multiple Web server instances on
different ports can use the same certificate. Multiple Web servers
cannot share a single certificate.
The immediate problem for Gerald though, seem to be an faulty WM IS settting.
> And the error page generated is not page cannot be displayed, it
> is "The XML page cannot be displayed "
I was going on the error Gerald reported, which was “page cannot be displayed”. I got a similar message in IE 6, for those 5 cases listed above.
Give Mozilla a go sometime - I sincerely think you’d find it the better debugging browser.
Hi Sonam,
Ariba does accept URL’s for punchout and order submission. For example, the URL for Ariba users to punchout could be something like
[url=“http://https://100.100.100.100:5566/invoke/punchoutpackage.punchout:punchoutflow”]https://100.100.100.100:5566/invoke/punchoutpackage.punchout:punchoutflow[/url]
And if the Certificate is issued for the name of the server (in this case with the ip address 100.100.100.100), let us assume the name of the server is “universe”, then Ariba will reject the certificate saying that the certificate is issued to “universe” and not to the ip 100.100.100.100.