Kontakt

Ansicht
Dokumentation

PAY_DE_B2A_KK_670 - Communication Server/Web Service of Pension Insurance (rvBEA)

PAY_DE_B2A_KK_670 - Communication Server/Web Service of Pension Insurance (rvBEA)

RFUMSV00 - Advance Return for Tax on Sales/Purchases   CL_GUI_FRONTEND_SERVICES - Frontend Services  
This documentation is copyright by SAP AG.
SAP E-Book

General Information

Transfer of data in the notification process rvBEA takes place with a web service. The SOAMANAGER, which is available in SAP NetWeaver is used for the transfer.

As a temporary solution, the DSRV communications server provides an alternative for the transfer. To avoid retroactive conversion efforts, we recommend using the web service.

Using additional middleware (BC, PI) is not necessary for rvBEA.

Necessary setup for Web Service and Communications Server

The following activities describe the steps that need to be taken to be able to use the web service as well as for data transfer via the DSRV communications server.

  1. Check the HTTPS service
    Check whether the HTTPS service has been activated in the system.
    1. Launch transaction SMICM.
    2. Choose Goto -> Services in the menu to switch to an overview of the active services.
The HTTPS log should be activated. If this is not the case, set up the service. For more information, see SAP Note 510007 (Setting up SSL on Application Server ABAP).

Comment:
Make sure that the HTTPS service is set up on every instance on which you want to transfer messages via HTTPS.
  1. Check the certificates in Trust Manager
    You have already requested a certificate for these company numbers at the ITSG trust center. You now need to check whether there is an entry in transaction STRUST for the company numbers you use as the data provider.
    1. Launch transaction STRUST.
On the left-hand side under PSE Status, there should now be an entry with SSF HR B2A-SV BN<your company number> for each of the company numbers you use.
(Example: SSF HR B2A-SV BN12345678)
  1. If there is no entry, create one using the report Copy PSE for HI Funds to SFF Tables (RPUSVND0).
  • Check and, if required, update the certificate list
    • Use the Test Report for Communication with the GKV and DSRV (RPUSVHD1) to check whether the company number 66667777 exists in your certificate list.
    ...
    66667777 CN=Roland Jaeger, OU=BN66667777, OU=Deutsche Rentenversicherung Bund ...
    ...
    If this is not the case, update the certificate list in the key files (PSE files) that you use, as follows:
    1. Downloading of the current certificate list from ITSG
    You can find the list on the Internet at
    www.itsg.de -> Trust Center -> Öffentliche Schlüsselverzeichnisse AG.
    Select the file with the public keys of the data collection points for the employer procedure. The file is currently provided for the SHA256 hash algorithm. In report RPUSVHD1, you can find information about which algorithm you are using listed under Algorithm Signature for the certificate for the company number.
    From here, download the file for the PKCS#7 procedure.
    Save the file locally to your PC (example: annahme-sha256.agv for SHA256).
    1. Deletion of the old certificate list from the PSE files used
    Start the Utility Report for Management of Encryption PKCS#7 for HI Funds (RPUSVKD1).
    Enter the company number. For the company numbers that you use and the related PSE files, see Customizing under Assign File Name for PKCS#7 Certificates.
    Confirm the entry. The information (administrator, company name, PSE file) is thus read and displayed.
    In the Delete Certificate List group box, select the Delete List (All) checkbox.
    Execute the report. The report displays the number of deleted entries.
    1. Import of the new certificate list
      Start report RPUSVKD1 again.
    Enter the company number and confirm the entry.
    In the group box Read Certificate List, select the checkbox Read List and confirm the entry. The field Path/File Name is ready for input.
    Enter the path for the file with the current certificate list (example: C:\annahme-sha256.agv).
    Execute the report. The report displays the number of imported entries.
    1. Use the Test Report for Communication with GKV and DSRV (RPUSVHD1) to check whether the company number 66667777 already exists in the certificate list of the PSE file just processed.
    2. If you use multiple company numbers as the sender (view V_T5D4X), import the most recent certificate list for these company numbers as well. To do this, repeat steps b) to d).
  • Create the SSL client certificate(s) in Trust Manager

    You need a separate SSL client for each company number for which you have requested a certificate (PSE file exists). If you have more than one company number, repeat the following steps for each number.
    1. Launch transaction STRUST and switch to change mode.
    2. Check if an identity has already been created for the company number (PSE file) in the menu under Environment -> SSL Client Identities. If it has, continue with step 6. If not, switch to change mode and select New Entries to create the missing identities SVnnnn. nnnn may either represent a sequential numbering or possibly the last 4 figures of the relevant company number. (Example: For PSE file BN12345678.pse, you can create SSL client identity SV5678.) Save the entries.
    3. Return to Trust Manager. Double-click the SSL client you created. Then choose PSE -> Import in the menu to transfer your certificate for the company number to the new SSL client. Select the PSE file called BN<company number employer>.pse from the application server (directory DIR_INSTANCE\sec).
    4. In the menu, choose PSE -> Save As to save the file under type SSL Client with the value SVnnnn.

    Setting up a web service

    This section describes the necessary setup for data transfer using the web service. Using transaction SM30, in table/view V_T50BK for areaSI and document type OREG, enter WEB in constant TMODE.

    Setting up logical ports

    You can find general information about web services in the ABAP environment on the SAP Community Wiki under Web Services ABAP then ABAP Connectivity - Web Services ABAP.

    You can find specific information about creating logical ports on the same wiki page under Configuration then How to create a Service Consumer.

    1. Creating logical test port
      1. Launch transaction SOAMANAGER. Your default internet browser opens.
      2. On the Service Administration tab, open Web Service Configuration.
      3. Enter the value CO_HRDE_SVRVBEA_EXTRA14 in the search criteria as the object name and choose Search to confirm. The search result should be exactly one entry.
      4. Use the link to the entry to navigate to the details of the consumer proxy.
      5. Create a logical port for each data provider (PSE file). Use the drop down list to select Create Manual Configuration to do so.
      6. In step 1 Name of Logical Port, make the following entries under General Configuration Settings:
        Name of Logical Port: HR_DE_RVBEA_<company number employer>_TEST
        Description: Logical port for company number employer <company number employer> test
    Choose Continue to go to the next configuration step.
    1. In step 2 Consumer Security, choose the X.509-SSL Client Certificate button under Authentication Settings. Then, under X.509-SSL-Client-PSE, use the F4 help in the SSL-Client SE in transaction STRUST field to select the corresponding SSL client PSE for the company number employer from SVnnnn (or DE-SV).
    Choose Continue to go to the next configuration step.
    1. In step 3 HTTP Settings, make the following entries under Transport-Binding.
      Path: /SPoC/ExtraService_v1.4
      Host: itsg.eservicet-drv.de
      Port: 443
      Log: HTTPS
      Logon Language Langue of User Context Make Local Call: No local system call
      Transport Binding Type: SOAP 1.1
      Maximum Wait Time WS Consumer: 0 (if you have connection problems, you can enter a different value)
      Optimized XML Transfer: MTOM
      Compress HTTP Message: Inactive
      Compress Response: True
    Proxy:
    For proxy-related entry fields, enter the data valid for your network.
    Choose Continue to go to the next configuration step.
    1. In step 4 SOAP Protocol, make the following entries:
    Under Message ID (synchronous):
    Message ID Protocol: Suppress ID transfer

    Under Service Call Statistics:
    Scope of Data Transfer: Enhanced Data Transfer
    Transfer Protocol: Transfer using SOAP Header

    Under Handling Message Attachments:
    Process Attachments: Yes

    Choose Continue to go to the next configuration step.
    1. In step 5 Identifiable Business Context, you do not need to make any entries.
    Stop the configuration using the Complete button.
    1. Creating logical productive port
      1. Launch transaction SOAMANAGER. Your default internet browser opens.
      2. On the Service Administration tab, open Web Service Configuration.
      3. Enter the value CO_HRDE_SVRVBEA_EXTRA14 in the search criteria as the object name and choose Search to confirm. The search result should be exactly one entry.
      4. Use the link to the entry to navigate to the details of the consumer proxy.
      5. Create a logical port for each data provider (PSE file). Use the drop down list to select Create Manual Configuration to do so.
      6. In step 1 Name of Logical Port, make the following entries under General Configuration Settings:
        Name of Logical Port: HR_DE_RVBEA_<company number employer>_PROD
        Description: Logical port for company number employer <company number employer> productive
    Choose Continue to go to the next configuration step.
    1. In step 2 Consumer Security, choose the X.509-SSL Client Certificate button under Authentication Settings. Then, under X.509-SSL-Client-PSE, use the F4 help in the SSL-Client SE in transaction STRUST field to select the corresponding SSL client PSE for the company number employer from SVnnnn (or DE-SV).
    Choose Continue to go to the next configuration step.
    1. In step 3 HTTP Settings, make the following entries under Transport-Binding.
      Path: /SPoC/ExtraService_v1.4
      Host: itsg.eservice-drv.de
      Port: 443
      Log: HTTPS
      Logon Language Language of User Context
      Make Local Call: No local system call
      Transport Binding Type: SOAP 1.1
      Maximum Wait Time WS Consumer: 0 (if you have connection problems, you can enter a different value)
      Optimized XML Transfer: MTOM
      Compress HTTP Message: Inactive
      Compress Response: True

      Proxy:
      For proxy-related entry fields, enter the data valid for your network.

      Choose Continue to go to the next configuration step.
    2. In step 4 SOAP Protocol, make the following entries:

      Under Message ID (synchronous):
      Message ID Protocol: Suppress ID transfer

      Under Service Call Statistics:
      Scope of Data Transfer: Enhanced Data Transfer
      Transfer Protocol: Transfer using SOAP Header

      Under Handling Message Attachments:
      Process Attachments: Yes

      Choose Continue to go to the next configuration step.
    3. In step 5 Identifiable Business Context, you do not need to make any entries.
    Stop the configuration using the Complete button.

    Setting Up Communications Server

    This section describes the necessary setup for data transfer to the communications server. Using transaction SM30, in table/view V_T50BK for areaSI and document type OREG, enter KOM in constant TMODE.

    Setting Up the HTTPS Connection

    For general information about setting up the HTTP(S) connection from the SAP system, see the documentation in SAP Help Portal under Internet Communication Framework.

    If problems or error messages (ICM) occur when setting up the HTTP(S) connection, you can also refer to SAP Note 634006 (Note on the preclarification of ICM messages).

    1. Create the HTTPS Test Connection(s)
      If you have only one data provider (PSE file), or if you do not use a proxy or have a proxy without information about the user and password, proceed as follows:
      1. Launch transaction SM59.
      2. Choose Create:
        Connection Type: G
        RFC Destination: HR_DE_RVBEA_TEST
        Description: HTTPS connection to the DSRV communications server (rvBEA) test
      3. Entries on the Technical Settings tab page:
        Target Host: itsg.eservicet-drv.de
        Service No.: 443
        Path Prefix: /rvbea/rest

        HTTP Proxy Options:
        Enter your own proxy data.
      4. On the Registration & Security tab page, activate the security option SSL. Select the SSL certificate for your company number from the list. If there is more than one company number, select one of the SSL certificates.
        Comment: If you are not using a proxy or have a proxy without password, the program may dynamically exchange the SSL certificate entered in the connection. In this case, you do not need to create connections for every individual company number.
      5. Save your entries.
      6. Test the connection. Return codes 200, 405, or 415 mean that the connection has no technical issues.
    If you have several data providers (PSE files) and are using a proxy that includes the user and password, proceed as follows:
    1. Launch transaction SM59.
    2. Choose Create:
      Connection Type: G
      RFC Destination: HR_DE_RVBEA_<company number employer>_TEST
      Description: HTTPS connection to the DSRV communications server (rvBEA) test
    3. Entries on the Technical Settings tab page:
      Target Host: itsg.eservicet-drv.de
      Service No.: 443
      Path Prefix: /rvbea/rest

      HTTP Proxy Options:
      Enter your own proxy data.
    4. On the Registration & Security tab page, activate the security option SSL. Select the SSL certificate SVnnnn for your company number from the list. (Example: For the company number 12345678, create an RFC connection called HR_DE_DSRV_12345678_TEST with SSL client certificate SV5678.) The company number used in the name of the RFC connection and the company number of the SSL client must be identical.
    5. Save your entries.
    6. Test the connection. Return codes 200, 405, or 415 mean that the connection has no technical issues.

  • Create the HTTPS productive connection(s)
    If you have only one data provider (PSE file), or if you do not use a proxy or have a proxy without information about the user and password, proceed as follows:
    1. Launch transaction SM59.
    2. Choose Create:
      Connection Type: G
      RFC Destination: HR_DE_RVBEA_PROD
      Description: HTTPS connection to the DSRV communications server (rvBEA) productive
    3. Entries on the Technical Settings tab page:
      Target Host: itsg.eservice-drv.de
      Service No.: 443
      Path Prefix: /rvbea/rest

      HTTP Proxy Options:
      Enter your own proxy data.
    4. On the Registration & Security tab page, activate the security option SSL. Select the SSL certificate for your company number from the list. If there is more than one company number, select one of the SSL certificates.
      Comment: If you are not using a proxy or have a proxy without password, the program may dynamically exchange the SSL certificate entered in the connection. In this case, you do not need to create connections for every individual company number.
    5. Save your entries.
    6. Test the connection. Return codes 200, 405, or 415 mean that the connection has no technical issues.
    If you have several data providers (PSE files) and are using a proxy that includes the user and password, proceed as follows:
    1. Launch transaction SM59.
    2. Choose Create:
      Connection Type: G
      RFC Destination: HR_DE_RVBEA_<company number employer>_PROD
      Description: HTTPS connection to the DSRV communications server (rvBEA) productive
    3. Entries on the Technical Settings tab page:
      Target Host: itsg.eservice-drv.de
      Service No.: 443
      Path Prefix: /rvbea/rest

      HTTP Proxy Options:
      Enter your own proxy data.
    4. On the Registration & Security tab page, activate the security option SSL. Select the SSL certificate SVnnnn for your company number from the list. (Example: For the company number 12345678, create an RFC connection called HR_DE_DSRV_12345678_PROD with SSL client certificate SV5678.) The company number used in the name of the RFC connection and the company number of the SSL client must be identical.
    5. Save your entries.
    6. Test the connection. Return codes 200, 405, or 415 mean that the connection has no technical issues.

    Additional Information

    • You decide whether to use the test or productive system to transfer the notifications as follows: The constant MODE in table T50BK is read for the current procedure, for example SV/OVVZ. If the constant is not maintained (it usually is not), table T000 is evaluated. If the client is classified as P, this means a productive system is used. If not, then the system is a test system.
    • You can also test the HTTP connection using the Test Report for Communication with the GKV and DSRV (RPUSVHD1). For the test URL and the live URL, the text "Error 200: Error reported: 200#" and the HTTP code 200 should be returned from the DRV communication server. This is OK. You can ignore this error message because the test report cannot send any valid XML data.





    TXBHW - Original Tax Base Amount in Local Currency   rdisp/max_wprun_time - Maximum work process run time  
    This documentation is copyright by SAP AG.

    Length: 28630 Date: 20240523 Time: 221028     sap01-206 ( 314 ms )