cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL Configuration on J2EE Engine

Former Member

on ‎04-22-2009 6:16 AM

0 Kudos

Hi,

I have an SAP PI System and trying to configure the communiction between the Internet Browser and SAP J2EE Engine with SSL protocol

I have sucessfully implemented the server authentication and its fine

For the client authentication i have followed the follwing steps:

1. Created a certificate and imported the signed certificate in Trusted CA with common name as the name of a System user in the SAP System

2. Visual Admin SSL Provider i have request for client authentication and selected the above signed certificate

3. Security Provider selected the System user and then mapped the certificate to the system user

4. Added the modules ClientCertLoginModule as REQUIRED and then the BasicPasswordLoginModule as REQUIRED

5. Exported the private key and imported the private key into my browser

After this when i access the URL https://<hostname>:<httpsport>/ i get nothing opening

it says Internet explorer cannot open page.

Can anyone guide me as to where am i going wrong

Rgds

Aditya

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎04-22-2009 7:43 AM
0 Kudos

Hi Aditya,

SAP Cryptographic library is required to implement SSL. Also have you created the certificate under service_ssl ?

I have experienced such error when service_ssl in VA did not have the correct entry. Please create a certificate under Service_SSL with your host entry and map the same for the HTTPS port in SSL Provider service --> Server Identity.

Regards,

Karthick.

Show replies
Show replies
Former Member
‎04-22-2009 8:14 AM
0 Kudos

Hi Karthik and Rohit,

Thanks for your reply

I found this

You can verify that the correct library has been loaded under Dispatcher ® Libraries ® core_lib in the Visual Administrator. The iaik_jce.jar should be included in the list of loaded jars and not iaik_jce_export.jar.

I checked in Visual Admin i was able to find the iaik_jce.jar file in it

So i beilve that the jar has been deployed.

And coming back to the question of ssl_service i have created the server authentication certificate under that service and the Client Authentication certificates under Trusted CAs service.

More over the Server Authentication i mean if i remove the Require Client Authentication from the SSL Provider Service everything works fine i am able to connect via SSL. The problem is when i use the client authentication

Rgds

Aditya

Former Member
‎04-22-2009 6:35 AM
0 Kudos

Hello Aditya,

It looks as if you have missed out some steps

Please refer to

http://www.i-barile.it/SDN/EnablingSSL&ClientCertificatesOnTheSAPJ2EEEngine.pdf

for configuration of SSL on J2EE engine and check out the configuration once again

Rohit

Show replies
Show replies
Former Member
‎04-22-2009 7:02 AM
0 Kudos

Hi Rohit,

I am used the same guide and followed the same steps

Rgds

aditya

Former Member
‎04-22-2009 7:17 AM
0 Kudos

Hi Rohit,

I have not deployed the deploying cryptographic module. Do you think this can cause a problem

I dont think so because the server authentication is working fine.

Also when i check the forum

i find the same issue but he installed a patch SAP J2EE Engine patch 36

Rgds

Aditya

Former Member
‎04-22-2009 7:37 AM
0 Kudos

Hi

For deploying SSL,

These are the prerequired steps:

1. deploy the SAP Cryptographic Toolkit

2. apply the Java Unlimited Strength Jurisdiction

I think you have not done this.You will have to do these also

and when you check that post,there also these two steps are mentioned,so please follow the configuration guide and let me know of your results

Rohit

Ask a Question