on 04-22-2009 6:16 AM
Hi,
I have an SAP PI System and trying to configure the communiction between the Internet Browser and SAP J2EE Engine with SSL protocol
I have sucessfully implemented the server authentication and its fine
For the client authentication i have followed the follwing steps:
1. Created a certificate and imported the signed certificate in Trusted CA with common name as the name of a System user in the SAP System
2. Visual Admin SSL Provider i have request for client authentication and selected the above signed certificate
3. Security Provider selected the System user and then mapped the certificate to the system user
4. Added the modules ClientCertLoginModule as REQUIRED and then the BasicPasswordLoginModule as REQUIRED
5. Exported the private key and imported the private key into my browser
After this when i access the URL https://<hostname>:<httpsport>/ i get nothing opening
it says Internet explorer cannot open page.
Can anyone guide me as to where am i going wrong
Rgds
Aditya
Hi Aditya,
SAP Cryptographic library is required to implement SSL. Also have you created the certificate under service_ssl ?
I have experienced such error when service_ssl in VA did not have the correct entry. Please create a certificate under Service_SSL with your host entry and map the same for the HTTPS port in SSL Provider service --> Server Identity.
Regards,
Karthick.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Karthik and Rohit,
Thanks for your reply
I found this
You can verify that the correct library has been loaded under Dispatcher ® Libraries ® core_lib in the Visual Administrator. The iaik_jce.jar should be included in the list of loaded jars and not iaik_jce_export.jar.
I checked in Visual Admin i was able to find the iaik_jce.jar file in it
So i beilve that the jar has been deployed.
And coming back to the question of ssl_service i have created the server authentication certificate under that service and the Client Authentication certificates under Trusted CAs service.
More over the Server Authentication i mean if i remove the Require Client Authentication from the SSL Provider Service everything works fine i am able to connect via SSL. The problem is when i use the client authentication
Rgds
Aditya
Hello Aditya,
It looks as if you have missed out some steps
Please refer to
http://www.i-barile.it/SDN/EnablingSSL&ClientCertificatesOnTheSAPJ2EEEngine.pdf
for configuration of SSL on J2EE engine and check out the configuration once again
Rohit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
For deploying SSL,
These are the prerequired steps:
1. deploy the SAP Cryptographic Toolkit
2. apply the Java Unlimited Strength Jurisdiction
I think you have not done this.You will have to do these also
and when you check that post,there also these two steps are mentioned,so please follow the configuration guide and let me know of your results
Rohit
User | Count |
---|---|
78 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.