cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Webdispatcher HTTPS-> HTTP activate

Former Member

on ‎03-13-2006 1:27 PM

0 Kudos

I want to configure Web a webdispatcher to <b>Receive</b> HTTPS And to <b>Forward</b> HTTP

I used this document <a href="http://help.sap.com/saphelp_nw04/helpdata/en/65/6a563cef658a06e10000000a11405a/content.htm">Configuring the SAP Web AS for Supporting SSL</a>

-

The webdispatcher is on D:\sapwebdisp2\

The Sap Cryptographic is on D:\sapwebdisp2\Crypto\

The server is Windows IIS with Environment variable parameter

SECUDIR = D:\sapwebdisp2\Crypto\sec

I defined file parameter of Webdispatcher : sapwebdisp.pfl as :

-

  1. unique instance numberSAPSYSTEM = 31

  2. Accesssability of Message Servers

rdisp/mshost = <server-portal>

ms/http_port = 8101

  1. SAP Web Dispatcher Parameter

wdisp/auto_refresh = 120

wdisp/max_servers = 100

  1. SAP Web Dispatcher Ports

icm/server_port_0 = PROT=HTTPS, PORT=63101, TIMEOUT=900

icm/server_port_0 = PROT=HTTP, PORT=63102, TIMEOUT=900

icm/HTTPS/verify_client = 1

  1. Set DIR_INSTANCE so that the SAP Cryptographic Library can find the sec sub-directory.

DIR_INSTANCE = D:\sapwebdisp2\Crypto

  1. Parameters for the SAP Cryptographic Library

ssl/ssl_lib = D:\sapwebdisp2\Crypto\sapcrypto.dll

ssl/server_pse = D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse

wdisp/ssl_cred= D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse

ssf/ssfapi_lib = D:\sapwebdisp2\Crypto\sapcrypto.dll

sec/libsapsecu = D:\sapwebdisp2\Crypto\sapcrypto.dll

ssf/name = SAPSECULIB

  1. Parameters for Using SSL to the backend server

wdisp/ssl_encrypt = 0

wdisp/ssl_auth = 0

  1. parameter to change protocol HTTPS -> HTTP

wdisp/add_client_protocol_header=true

icm/HTTPS/forward_ccert_as_header = true

  1. parameter to end to end sslwdisp/HTTPS/sticky_mask=255.255.0.0

  2. Parameters for the HTTPS Routing

wdisp/HTTPS/dest_logon_group = HTTP

wdisp/HTTPS/max_client_ip_entries = 100000

-

When I used ICM Webdispatcher Configuration : the Active Services Menu

<b>The HTTPS is not active</b> .

If I actived this service : return message <b><i>Service could not be activated: -14</i></b>

<b>Did you have an example parameter file to HTTPS service ?

How can we activate this service?</b>

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎05-12-2006 11:01 AM
0 Kudos

Hi Juan,

Did you happen to find a resolution to your problem? I am having a very similar one wherein I have the PSE defined, but web dispatcher passes back the error message:

[Thr 7144] *** ERROR => secudessl_Create_SSL_CTX(): PSE "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse" not found! [ssslsecu.c 1030]

Did you find a solution?

Show replies
Show replies
Former Member
‎05-29-2006 8:59 PM
0 Kudos

Hi,

Try this:

<b>C:\usr\sap\SWD>sapgenpse seclogin -p <PATH_TO_PSE>\SAPSSLS.pse -x <PIN>

-O <USER></b>

running seclogin with USER="Administrator"

creating credentials for user "EPRCUPCSAPB7\Administrator"...

Adjusting credentials and PSE ACLs to include "EPRCUPCSAPB7\Administrator"...

Oh, you supplied your own name explicitly ... ok.

c:\usr\sap\SWD\sec\cred_v2 ... ok.

C:\usr\sap\SWD\sec\SAPSSLS.pse ... ok.

Added SSO-credentials for PSE "C:\usr\sap\SWD\sec\SAPSSLS.pse"

"CN=eprcupcsapb7.popularinc.com, OU=EVERTEC, O=Popular Inc, C=US"

http://help.sap.com/saphelp_nw04/helpdata/en/82/5fcd8af02d07438148302ceb8b2500/content.htm

Best Regards...

Former Member
‎03-13-2006 5:39 PM
0 Kudos

Need some help to PSE define

<b>On Prompt command :</b>

  • ---------------------------------------------------- *

d:

path D:\webdispatcher\crypto

set SECUDIR=D:\webdispatcher\crypto\sec

sapgenpse get_pse -p SAPSSLC.pse -x pass -r certi.req

"CN=sopraganesh.cr.infra.lab, O=COMPAGNY, C=FR"

sapgenpse gen_pse -p SAPSSLS.pse -noreq -x pass

"CN=sopraganesh.cr.infra.lab, O=COMPAGNY, C=FR"

sapgenpse seclogin -p SAPSSLS.pse -x pass -O SYSTEM

sapgenpse seclogin -p SAPSSLC.pse -x pass -O SYSTEM

  • ---------------------------------------------------- *

<b>I defined the PSE

I started this webdispatcher,

it s not found SAPSSLS.pse file</b>

the log show :

*[Thr 7144] =================================================

[Thr 7144] = SSL Initialization

[Thr 7144] SapISSLComposeFilename(): profile param "ssl/ssl_lib" = "D:\sapwebdisp2\Crypto\sapcrypto.dll"

resulting Filename = "D:\sapwebdisp2\Crypto\sapcrypto.dll"

[Thr 7144] SapISSLComposeFilename(): profile param "ssl/server_pse" = "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

resulting Filename = "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

[Thr 7144] = found SAPCRYPTOLIB 5.5.5C pl16 (Jun 10 2004) MT-safe

[Thr 7144] = found SECUDIR environment variable

[Thr 7144] = using SECUDIR=d:\sapwebdisp2\Crypto\sec

[Thr 7144] *** ERROR => secudessl_Create_SSL_CTX(): PSE "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse" not found! [ssslsecu.c 1030]

[Thr 7144] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --

secude_error 1824 (0x00000720) = "Wrong or Missing PIN for PSE"

[Thr 7144] >> -

Begin of Secude-SSL Errorstack -

>>

[Thr 7144] ERROR in SSL_CTX_set_default_pse_by_name: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

ERROR in ssl_set_pse: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

ERROR in af_open: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

ERROR in secsw_open: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

ERROR in sec_parse_PSEInfo_cont: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

[Thr 7144] << -

End of Secude-SSL Errorstack -

[Thr 7144] *** ERROR => Initialization of SSL library failed -- NO SSL available!

======================================

Show replies
Show replies
Ask a Question