cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

user is not able to Login from external supplier, using the WSS (ICH)

former_member286941
Participant

on ‎11-03-2009 10:43 AM

0 Kudos

Hi Gurus,

The user is not able to login to the server externally from url.

dev_icm is giving below warnings:

[Thr 11052] IcmWatchDogThread: watchdog started

[Thr 11309] ** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject not set => do

not trust any intermediary*

X.509 cert data will be removed from header [http_plg_mt. 720]

[Thr 11309] =================================================

[Thr 11309] = SSL Initialization on IBM RS/6000 with AIX

[Thr 11309] = (700_REL,May 3 2008,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)

[Thr 11309] profile param "ssl/ssl_lib" = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"

resulting Filename = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"

[Thr 11309] = found SAPCRYPTOLIB 5.5.5C pl16 (Jun 10 2004) MT-safe

[Thr 11309] = current UserID: "scaadm", env-var USER="scaadm"

[Thr 11309] = using SECUDIR=/usr/sap/SCA/DVEBMGS41/sec

[Thr 11309] = secudessl_Create_SSL_CTX(): PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLA.pse" not found,

[Thr 11309] = using PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLC.pse" as fallback

[Thr 11309] = Success -- SapCryptoLib SSL ready!

[Thr 11309] =================================================

HTTPS (SSL) settings are as below, i think which means that no ssl certifiacts are required.

icm/HTTPS/verify_client = 0

Kindly help urgently.

regards,

MJ

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

former_member286941
Participant
‎07-30-2010 5:23 AM
0 Kudos

solved

Show replies
Show replies
former_member286941
Participant
‎07-30-2010 5:22 AM
0 Kudos

There is problem with the security certificate in user's desktop in ie8.

its resolved after implementing that.

Show replies
Show replies
former_member286941
Participant
‎11-04-2009 2:56 AM
0 Kudos

this is SCM system.

SSL CA's are set.

what should be value of the parameters?

icm/HTTPS/trust_ client_with_ issuer or

icm/HTTPS/trust_ client_with_ subject

http and https ssl conections are correctly set.

I think the SAPSSLA. pse" not found, is not the problem as the parameter icm/HTTPS/verify_ client = 0 is set, it means that no ssl certifiacts are required.

problem is coming when the system is being accessed from externally using other secure domain name.

the system is being accessed ok from web urs which is internal, but not external.

for example in strust tcode the domain name is *abc.com, which is running fine when accessing the system internally.

but when the user is accessing this sytem from other secure login from *xyz.com, which is also the same companys domain, then the user not able to login, its showing errir.

Show replies
Show replies
Former Member
‎11-03-2009 5:27 PM
0 Kudos

Hi MJ,

Can you give more information on what type of system it is. Also please let is know if SSL is enabled for the same.

Cheers....,

Raghu

Show replies
Show replies
Ask a Question