Punchout Configuration

Overview : What is Punchout?

Punchout is a feature from iProcurement and Oracle Supplier Network which allows to access the external catalog and bring the items to iProcurement in order to create requisitions. The external catalog can be hosted by a third party organization or by the supplier.

           1. Requester/preparer clicks the Punchout link.
           2. Login request is sent to the supplier server.
           3. Supplier authenticates the access and sends the login response.
           4. iProcurement redirects the browser to the supplier catalog site.
           5. Requester/preparer searches the items and returns to iProcurement.
           6. Shopping cart is processed by iProcurement. 


1. Punchout (supplier site) access from Oracle Applications – reach network/firewall team 

2. Get SSL (SHA, TLS Certificate) from External Suppplier, if it is Secured.

3. Once you get the .cer file from supplier, export it as base64 and open/save it in notepad (as .txt)

Configuration Steps:

1. Ask your functional person to do the below:

In iProcurment Punchout is configured by following steps  

1.1. Go to iProcurement Catalog Administration responsibility > Stores > Content Zones
1.2. In the dropdown list choose Create Punchout Content Zone or Create Transparent Punchout  Content Zone.
1.3. Click GO
1.4. Enter the Punchout information
1.5. Click Apply
1.6. Now go to Stores > Stores
1.7. Create a new store or choose an existing one
1.8. Add the Punchout definition created above in the Content Zone.

In release 12 the realms were replaced by Content Zone which is used to restrict access  by category, suppliers, operating units, and/or responsibilities.

2. Enter the absolute file path of the certificates file that stores the certificates’ names in Profile “POR :CA Certificate File Name”.
The certificate file is located at tech_st directory structure: 

3. Enter the proxy server (web server) name in “POR :Proxy Server Name”
The proxy server name is typically the same as the proxy server that
is set up in people’s browsers in your company’s. if there is no proxy, ensure it is null.

4. Enter the proxy server port for the server defined in profile POR :Proxy Server Name in  profile “POR :Proxy Server Port”. if there is no proxy, ensure it is null.
5. The certificate is required if the punchout sites are secured (SSL enabled). Profile POR :CA Certificate File Name will be used to execute the handshake and verify the valid certificates. 

If punchout site is using certificate  which is not included in the b64InternetCertificate.txt (or the file from profile POR :CA Certificate File Name),  append it in the beginning of file. Append only the trusted certificates.

6. If profiles and certificates changed bounce the oacore, apache and oafm for the change to take effect. 

Please note :If profiles above are not set properly, errors like Connection refused, SSL handshake errors could occur.

–Narasimha Rao

  • December 28, 2016 | 31 views