IBM Sterling B2B: Configuring SB2Bi to connect Microsoft Sharepoint

Revision as of 20:14, 8 July 2025 by Ebasso
Draft!!!

Sterling B2Bi: Creating System Certificate

A system certificate must be created in IBM B2Bi. The public part of this certificate must be shared with the SharePoint team, who add it to their trusted certificates.

SharePoint: Create site and set permissions on MS EntraID

1) MS SharePoint: Create a site.


2) MS SharePoint: Set up permissions on MS Entra ID for the REST API


The SharePoint administrator must provide the following:

  • Tenant ID
  • Application ID

These values are required to configure the SharePointClient Adapter.



3) Obtain the directory ID and application ID:

  1. Open the Microsoft Entra admin center Home page.
  2. Browse to Entra ID > App registrations, then select your application.
  3. On the app's overview page, copy the Directory (tenant) ID value and store it in your application code.
  4. Copy the Application (client) ID value and store it in your application code.


4) Upload a trusted certificate issued by a certificate authority

  1. Browse to Entra ID > App registrations, then select your application.
  2. Select Certificates & secrets.
  3. Select Certificates, then select Upload certificate and then select the certificate file to upload.
  4. Select Add. Once the certificate is uploaded, the thumbprint, start date, and expiration values are displayed.

After registering the certificate with your application in the application registration portal, enable the confidential client application code to use the certificate.

Sterling B2Bi: Importing Certificates

We need to import the Intermediate and Root certificates from the following domains:

  • login.microsoft.com
  • MY_SHAREPOINT.sharepoint.com

These certificates are then added to the CA store.


1) Use the command below to retrieve the certificate chain from login.microsoft.com:

openssl s_client -connect login.microsoft.com:443 -showcerts </dev/null \
 | awk '/-----BEGIN CERTIFICATE-----/{i++} /-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/{print > ("cert" i ".pem")}'

This will generate files like `cert1.pem`, `cert2.pem`, etc., for each certificate in the chain.

2) Use the command below to retrieve the certificate chain from MY_SHAREPOINT.sharepoint.com:

openssl s_client -connect MY_SHAREPOINT.sharepoint.com:443 -showcerts </dev/null \
 | awk '/-----BEGIN CERTIFICATE-----/{i++} /-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/{print > ("certm" i ".pem")}'

This will generate files like `certm1.pem`, `certm2.pem`, etc., for each certificate in the chain.

3) Import Certificates into Java KeyStore (JKS)

keytool -importcert -trustcacerts -keystore truststore.jks -storepass changeit -alias login_cert1 -file cert1.pem

Repeat the keytool command for each cert*.pem file, using different aliases (e.g., login_cert2, etc.).

4) Open Sterling B2Bi Dashboard

5) Add them under Trading Partner > Digital Certificates > CA
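
Steps 1 and 2 trust whatever the connection returned, and `s_client` lists the server's own certificate first, so each file should be confirmed before step 3 adds it to a trust store. The script below is an added example, not part of the original page: it splits a captured chain into one file per certificate and accepts only SHA-256 fingerprints listed in a pin file obtained through a separate channel. The function names, `pins.txt` and the placeholder sample are assumptions, and it expects `awk`, `base64` and `sha256sum`.

```shell
#!/bin/sh
# Added example: split a captured chain, fingerprint each certificate, and
# accept only fingerprints that were confirmed through a separate channel.

# split_chain PREFIX: read s_client output on stdin, write PREFIX1.pem,
# PREFIX2.pem, ... (one file per certificate), print how many were written.
split_chain() {
  awk -v p="$1" '
    /-----BEGIN CERTIFICATE-----/ { n++; f = p n ".pem"; inside = 1 }
    inside                        { print > f }
    /-----END CERTIFICATE-----/   { inside = 0; close(f) }
    END                           { print n + 0 }'
}

# fingerprint FILE: lowercase hex SHA-256 of the decoded (DER) bytes, the same
# digest "openssl x509 -noout -fingerprint -sha256" reports with colons.
fingerprint() {
  grep -v -- '-----' "$1" | base64 -d | sha256sum | cut -d' ' -f1
}

# check_pinned FILE PINS: true only if FILE's fingerprint is a line of PINS.
check_pinned() {
  grep -qix -- "$(fingerprint "$1")" "$2"
}

# Constructed sample: PEM-framed placeholder bytes (not real certificates)
# with the kind of extra text s_client prints between certificates.
sample_chain() {
  for name in leaf-placeholder ca-placeholder; do
    echo " s:CN=$name"
    echo "-----BEGIN CERTIFICATE-----"
    printf '%s' "$name" | base64
    echo "-----END CERTIFICATE-----"
  done
}

# demo: pin only the CA placeholder, then report a decision per file.
demo() (
  cd "$(mktemp -d)" || exit 1
  sample_chain | split_chain demo >/dev/null
  printf 'ca-placeholder' | sha256sum | cut -d' ' -f1 > pins.txt
  for f in demo*.pem; do
    if check_pinned "$f" pins.txt; then echo "$f import"; else echo "$f skip"; fi
  done
)
demo
```

With real captures, pipe the `openssl s_client ... -showcerts` output into `split_chain cert` and run `keytool -importcert` only for files that pass `check_pinned`.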

Sterling B2Bi: Setup SharePointClient Adapter Configuration

The adapter was configured with the following parameters:

  • SharePoint URL: https://MY_SHAREPOINT.sharepoint.com
  • Tenant ID: As provided by your SharePoint administrator
  • Application ID: As provided by your SharePoint administrator
  • System Certificate: the one created in Sterling B2Bi: Creating System Certificate
  • Site Name: SFG-MSP
  • Document Library: sfg_ReasonsList
  • Proxy Server: No
  • CA Certificate: All certificates captured in Sterling B2Bi: Importing Certificates
  • Min Thread / Max Thread / Timeout / ReadTimeout: Configure according to system performance and usage needs

Please ensure all certificates and IDs are valid and tested to avoid connection or authentication issues.

Sample Business Process

The following business process uses the SharePointClient Begin Session, PUT and End Session services.

<process name="SendTo_SharePoint">
    <sequence name="MainSequence">
        <operation name="GetDocument Information Service">
            <participant name="GetDocumentInfoService"/>
            <output message="GetDocumentInfoServiceTypeInputMessage">
                <assign to="." from="*"/>
                <assign to="BodyName" from="normalize-space(DestinationMessageName)"/>
                <assign to="updateMetaDataOnly">true</assign>
                <assign to="DocumentName" from="normalize-space(DestinationMessageName)"/>
            </output>
            <input message="inmsg"/>
        </operation>

        <operation name="Sharepoint Client Begin Session Service">
            <participant name="SharepointClientBeginSession"/>
            <output message="SharepointClientBeginSessionTypeInputMessage">
                <assign to="sharepointclientadapter">SharepointClientAdapter</assign>
                <assign to="." from="*"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>

        <operation name="Sharepoint Client PUT Service">
            <participant name="SharepointClientPut"/>
            <output message="SharepointClientPutServiceTypeInputMessage">
                <assign to="remotefilename" from="string(DestinationMessageName)"/>
                <assign to="SessionToken" from="//session_token/text()"/>
                <assign to="." from="*"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>

        <operation name="Sharepoint Client End Session Service">
            <participant name="SharepointClientEndSession"/>
            <output message="SharepointClientEndSessionServiceTypeInputMessage">
                <assign to="SessionToken" from="//session_token/text()"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>
    </sequence>
</process>

See also