cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Call HTTPS from ABAP Engine.

Go to solution
Former Member

on ‎07-02-2009 12:24 PM

0 Kudos

Dear All,

I am trying the configure CTS+ in our environment. while settting up the RFC "CTSDEPLOY" from my ABAP System to my Portal System I am facing problem.

I am assuming that I can not use HTTP as the port mappings are defined in HTTP Provider service (vadmin). Port 50000, 50001 and 80 are redirected to port 443 of portal server with https scheme.

So, in sm59, (Connection type G) I configure the target hostname of the CTSDEPLOY to Portal Server, Service No. 50001, and Path Prefix is "/DeployProxy/default?style=document".

In the logon and security tab, I switched on Basic Authentication and supplied the user name and password. then, put the SLL to active and choosed Default SSL Client Standard. when I test the connection I receive the following in dev_icm:

-

[Thr 6] Thu Jul 2 14:14:35 2009

[Thr 6] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL

[Thr 6] session uses PSE file "/usr/sap/EDV/DVEBMGS00/sec/SAPSSLC.pse"

[Thr 6] SecudeSSL_SessionStart: SSL_connect() failed --

secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"

[Thr 6] >> -

Begin of Secude-SSL Errorstack -

>>

[Thr 6] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed

ERROR in af_verify_Certificates: (24/0x0018) Chain of certificates is incomplete : "CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US"

ERROR in get_path: (24/0x0018) Can't get path because the chain of certificates is incomplete

[Thr 6] << -

End of Secude-SSL Errorstack -

[Thr 6] SSL_get_state() returned 0x00002131 "SSLv3 read server certificate B"

[Thr 6] SSL NI-sock: local=172.20.101.14:62780 peer=172.20.101.17:50001

[Thr 6] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x6000000005e40030)==SSSLERR_SSL_CONNECT

[Thr 6] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt.c 2012]

-

Reference to blog /people/thomas.jung3/blog/2005/05/13/calling-webservices-from-abap-via-https I looked at my strust config and SSL Client SSL Anonymous already has owner CN=anonymous and the certificate "CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US".

I tried all the options and played with settings but all in vain. Can someone please help !!!

Regards,

Yasir.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-02-2009 9:08 PM
0 Kudos

Muhammed,

your PSE looks broken to me. Check like #1094342 + #1318906

The weblog you are reading is from 2005. Please get recent documentation about CTS+ from [original link is broken]

Nesimi

Show replies
Show replies

Answers (1)

Answers (1)

JoelTrinidade
Active Contributor
‎07-02-2009 12:50 PM
0 Kudos

Hi Yasir,

Please post your question in the correct forum ie.. ABAP.

Regards

joel

Show replies
Show replies
Former Member
‎07-02-2009 5:27 PM
0 Kudos

This is pure Sys Admin stuff. Nothing to do with APAP I guess ....

Regards,

Yasir.

Ask a Question