Recently I was trying to delete records in millions from Salesforce objects based on certain years. I was using Informatica PowerExchange for Salesforce. However I observed that the throughput was very low approx 6-10 rows/second. Hence deleting 1.1 million records took around 1.5 days which was not acceptable.
Going through Informatica PowerCenter help I found a bulk of deletion which would sent records in batch and should have been faster.
Background for the error: To maintain alignment with security best practices and the industry-wide shift to use more complex algorithms for HTTPS certificates, Salesforce is replacing the current HTTPS certificates, which are signed with a SHA-1 hash algorithm, to new certificates signed with a SHA-256 hash algorithm. HTTPS certificates are reflected in the browser’s URL bar to indicate a secure connection while accessing secure websites, including Salesforce.
The certificates are replaced in a phased manner for all Salesforce.com instances starting with the Sandbox instance. This is applicable to the following Informatica Software:
- Informatica PowerExchange for Salesforce.com
There is no impact to the Informatica Designer client which is used to import objects from Salesforce.com.
Informatica sessions using PowerExchange for Salesforce to load data to Salesforce.com in Bulk mode fails with any one of the following error messages:
- cURL error received. Error message [error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm].
- SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
- SFDC_31235 [ERROR] Bulk API cURL error received. Error message [SSL certificate problem: self signed certificate in certificate chain].
- [ERROR] Bulk API cURL error received. Error message [SSL certificate problem: unable to get local issuer certificate].
- SFDC_31213 [INFO] HTTP Request Message: [SSL: couldn't set callback!
- SFDC_31221 : [ERROR] Reattempt the Salesforce request [createBulkApiJob] due to the error [Unknown SSL protocol error in connection to test.salesforce.com:443
To resolve this issue, do the following and update the certificates in Informatica:
SandBox Instances
- Download the certificates for Sandbox instances as follows:
- Go to the Salesforce URL (Example: https://test.salesforce.com) using internet explorer or any other browser and login using Salesforce account that you use in the Salesforce sessions. Make sure that the website's address begins with HTTPS, and that a lock icon
appears in the Address bar. - Double-click the padlock icon in the status bar of Internet Explorer. (Padlock icon is a lock icon appears on the right side of the Address bar.
- Click the lock icon and then click View certificates to view the certificate used to encrypt the webpage.
- In the Certificate wizard, navigate to Certification Path tab and select VeriSign.
e. Click View Certificate and you would see a new Certificate wizard appear on your screen. Go to Details tab and click Copy to File to open the Certificate Export Wizard.
f. Click Next and select Base-64 encoded X.509 (.CER).
g. Click Next, enter File name and click Finish to export the certificate.
h. You need to follow the same steps for other certificates in the chain of certificates, Sematic Class 3 Secure Server CA - G4 and test.salesforce.com as shown in this example.
- Update the certificates in the ca-bundle.crt file as follows:
- Take a backup of ca-bundle.crt file located under the /$INFA_HOME/server/bin/ directory on the server where Informatica is installed.
- Copy the contents of certificate (open in any textpad editor) which was extracted in Step 1 above, and append content of the certificate to the bottom of the ca-bundle.crt file.
Make sure to copy the entire certificate text including the headers as shown below:
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIQZBvoIM4CCBPzLU0tldZ+ZzANBgkqhkiG9w0BAQUFADCB…..
-----END CERTIFICATE----- - Repeat Step 2 on all the nodes. It is not required to bounce the domain or the Integration Service for the change to take effect.
- This step is not required for Informatica 9.6.0 and later versions. For the earlier versions, do the following:
- Download and install the EBF393490 for the applicable Informatica PowerCenter version and operating system from the following location on the tsftp server (tsftp.informatica.com). You need to login using your mysupport.informatica.com credentials:
Informatica 9.1 Hotfix 6:
/updates/Informatica9/9.1.0 HotFix6/EBF393490
Informatica 9.5.1 Hotfix 4:
/updates/Informatica9/9.5.1 HotFix4/EBF393490
The Informatica 9.1 Hotfix 6 EBF can be installed on Informatica 9.1 and all 9.1 HotFix versions.
The 9.5.1 Hotfix 4 EBF can be installed on Informatica 9.5.1 and all 9.5.1 HotFix versions. - Repeat Step 3 on all the nodes. To install the EBF, follow the instructions provided in EBF393490.html located in the same location where you find the EBF installer.
This resolved my problem. Thanks to Informatica support. Consequently I noticed increased throughput (4700rows/sec) and 1.1 million was getting deleted in approx. 12mins.
However please note:
1. Even if Informatica job for deletion completed in 12 mins, Salesforce was taking 3 hrs to purge the deleted records which you can query on Salesforce and verify the counts gradually decreasing.
2. Also noticed even if "Hard Delete/Permanently delete" records was enabled on PowerExchange deleted records were still getting logged in recycle bin in Salesforce.
Hope this blog is of help!!
This comment has been removed by the author.
ReplyDelete