on 03-13-2006 1:27 PM
I want to configure Web a webdispatcher to <b>Receive</b> HTTPS And to <b>Forward</b> HTTP
I used this document <a href="http://help.sap.com/saphelp_nw04/helpdata/en/65/6a563cef658a06e10000000a11405a/content.htm">Configuring the SAP Web AS for Supporting SSL</a>
-
The webdispatcher is on D:\sapwebdisp2\
The Sap Cryptographic is on D:\sapwebdisp2\Crypto\
The server is Windows IIS with Environment variable parameter
SECUDIR = D:\sapwebdisp2\Crypto\sec
I defined file parameter of Webdispatcher : sapwebdisp.pfl as :
-
unique instance numberSAPSYSTEM = 31
Accesssability of Message Servers
rdisp/mshost = <server-portal>
ms/http_port = 8101
SAP Web Dispatcher Parameter
wdisp/auto_refresh = 120
wdisp/max_servers = 100
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=HTTPS, PORT=63101, TIMEOUT=900
icm/server_port_0 = PROT=HTTP, PORT=63102, TIMEOUT=900
icm/HTTPS/verify_client = 1
Set DIR_INSTANCE so that the SAP Cryptographic Library can find the sec sub-directory.
DIR_INSTANCE = D:\sapwebdisp2\Crypto
Parameters for the SAP Cryptographic Library
ssl/ssl_lib = D:\sapwebdisp2\Crypto\sapcrypto.dll
ssl/server_pse = D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse
wdisp/ssl_cred= D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse
ssf/ssfapi_lib = D:\sapwebdisp2\Crypto\sapcrypto.dll
sec/libsapsecu = D:\sapwebdisp2\Crypto\sapcrypto.dll
ssf/name = SAPSECULIB
Parameters for Using SSL to the backend server
wdisp/ssl_encrypt = 0
wdisp/ssl_auth = 0
parameter to change protocol HTTPS -> HTTP
wdisp/add_client_protocol_header=true
icm/HTTPS/forward_ccert_as_header = true
parameter to end to end sslwdisp/HTTPS/sticky_mask=255.255.0.0
Parameters for the HTTPS Routing
wdisp/HTTPS/dest_logon_group = HTTP
wdisp/HTTPS/max_client_ip_entries = 100000
-
When I used ICM Webdispatcher Configuration : the Active Services Menu
<b>The HTTPS is not active</b> .
If I actived this service : return message <b><i>Service could not be activated: -14</i></b>
<b>Did you have an example parameter file to HTTPS service ?
How can we activate this service?</b>
Hi Juan,
Did you happen to find a resolution to your problem? I am having a very similar one wherein I have the PSE defined, but web dispatcher passes back the error message:
[Thr 7144] *** ERROR => secudessl_Create_SSL_CTX(): PSE "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse" not found! [ssslsecu.c 1030]
Did you find a solution?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Try this:
<b>C:\usr\sap\SWD>sapgenpse seclogin -p <PATH_TO_PSE>\SAPSSLS.pse -x <PIN>
-O <USER></b>
running seclogin with USER="Administrator"
creating credentials for user "EPRCUPCSAPB7\Administrator"...
Adjusting credentials and PSE ACLs to include "EPRCUPCSAPB7\Administrator"...
Oh, you supplied your own name explicitly ... ok.
c:\usr\sap\SWD\sec\cred_v2 ... ok.
C:\usr\sap\SWD\sec\SAPSSLS.pse ... ok.
Added SSO-credentials for PSE "C:\usr\sap\SWD\sec\SAPSSLS.pse"
"CN=eprcupcsapb7.popularinc.com, OU=EVERTEC, O=Popular Inc, C=US"
http://help.sap.com/saphelp_nw04/helpdata/en/82/5fcd8af02d07438148302ceb8b2500/content.htm
Best Regards...
Need some help to PSE define
<b>On Prompt command :</b>
---------------------------------------------------- *
d:
path D:\webdispatcher\crypto
set SECUDIR=D:\webdispatcher\crypto\sec
sapgenpse get_pse -p SAPSSLC.pse -x pass -r certi.req
"CN=sopraganesh.cr.infra.lab, O=COMPAGNY, C=FR"
sapgenpse gen_pse -p SAPSSLS.pse -noreq -x pass
"CN=sopraganesh.cr.infra.lab, O=COMPAGNY, C=FR"
sapgenpse seclogin -p SAPSSLS.pse -x pass -O SYSTEM
sapgenpse seclogin -p SAPSSLC.pse -x pass -O SYSTEM
---------------------------------------------------- *
<b>I defined the PSE
I started this webdispatcher,
it s not found SAPSSLS.pse file</b>
the log show :
*[Thr 7144] =================================================
[Thr 7144] = SSL Initialization
[Thr 7144] SapISSLComposeFilename(): profile param "ssl/ssl_lib" = "D:\sapwebdisp2\Crypto\sapcrypto.dll"
resulting Filename = "D:\sapwebdisp2\Crypto\sapcrypto.dll"
[Thr 7144] SapISSLComposeFilename(): profile param "ssl/server_pse" = "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
resulting Filename = "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
[Thr 7144] = found SAPCRYPTOLIB 5.5.5C pl16 (Jun 10 2004) MT-safe
[Thr 7144] = found SECUDIR environment variable
[Thr 7144] = using SECUDIR=d:\sapwebdisp2\Crypto\sec
[Thr 7144] *** ERROR => secudessl_Create_SSL_CTX(): PSE "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse" not found! [ssslsecu.c 1030]
[Thr 7144] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --
secude_error 1824 (0x00000720) = "Wrong or Missing PIN for PSE"
[Thr 7144] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 7144] ERROR in SSL_CTX_set_default_pse_by_name: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
ERROR in ssl_set_pse: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
ERROR in af_open: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
ERROR in secsw_open: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
ERROR in sec_parse_PSEInfo_cont: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"
[Thr 7144] << -
End of Secude-SSL Errorstack -
[Thr 7144] *** ERROR => Initialization of SSL library failed -- NO SSL available!
======================================
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
77 | |
9 | |
9 | |
7 | |
6 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.