Hi,

We are implementing SAP BillerDirect Portal. To make BillerDirect Portal available over the internet, we Configured SAP WebDispatcher with SSL termination. We followed the steps mentioned in SAP Help Documentaion for SAP WebDispatcher with SSL termination.

http://help.sap.com/saphelp_nw2004s/helpdata/en/76/6d4fa247d0d647b5bd40745400d873/frameset.htm

We created certificate and send it to CA (TrustCenter CA). We received the CA response and we imported the certificate.

AS mentioned in the help document, we configured the SAP Web Dispatcher profile to support SSL termination

We tried to access our BillerDirect Portal over the internet using below link

https://company.com/bd

We are getting login page, once we enter correct user ID and Password, portal is not loading (not going to next page) portal remains on same login page.

If we enter invalid credentials portal login page is giving u201CUser Authentication Failedu201D error.

If we try to access any portal login pages which brings a pop-up for login, login gets succeeded and we are able to see next pages

Examples

1) https://company.com/bd/admin/xcm/init.do

2) https://company.com/monitoring/SystemInfo

All pages which bring up portal login page without pop-up, not able to pass through portal login screen.

We Tried the ProxyMapping option on Dispatcher using Visual admin. This option also didnu2019t work for us.

Here is the WebDispatcher Profile

SAPSYSTEMNAME = xxx

SAPGLOBALHOST = xxxxx

SAPSYSTEM = 00

INSTANCE_NAME = W00

DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTI386

DIR_EXECUTABLE = $(DIR_CT_RUN)

#----

1. Accesssability of Message Server

#----

rdisp/mshost = hostnameofportalserver with FQDN

ms/http_port = 8101

#----

1. Configuration for medium scenario

#----

icm/max_conn = 500

icm/max_sockets = 1024

icm/req_queue_len = 500

icm/min_threads = 10

icm/max_threads = 50

mpi/total_size_MB = 80

#----

1. SAP Web Dispatcher Ports

#----

icm/server_port_0 = PROT=HTTPS,PORT=443

icm/server_port_1 = PROT=HTTP,PORT=80

icm/HTTPS/verify_client = 0

1. SAP Web Dispatcher Web Administration

icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=D:\usr\sap\xxx\W00\data\icmanroot\admin,AUTHFILE= D:\usr\sap\xxx\SYS\global\security\data\icmauth.txt

1. Parameters for the SAP Cryptographic Library

ssl/ssl_lib = D:\usr\sap\xxxW00\sapcrypto.dll

ssl/server_pse = D:\usr\sap\xxx\W00\sec\SAPSSLS.pse

ssf/name = D:\usr\sap\xxx\W00\sec\SAPSSLS.pse

ssf/ssfapi_lib = D:\usr\sap\xxx\W00\sapcrypto.dll

sec/libsapsecu = D:\usr\sap\xxx\W00\sapcrypto.dll

wdisp/ssl_cred = D:\usr\sap\xxx\W00\sec\SAPSSLC.pse

1. Parameters for Using SSL to the backend server

wdisp/ssl_encrypt = 1

wdisp/ssl_auth = 1

wdisp/ssl_cred = D:\usr\sap\xxxW00\sec\SAPSSLC.pse

wdisp/ssl_certhost = hostnameofportalserver with FQDN

wdisp/ssl_ignore_host_mismatch = true

#ICM Parameters

icm/HTTP/j2ee_0 = PREFIX=/, HOST =hostnameofportalserver with FQDN PORT=50000,SPORT=50001, SSLENC=1,TYPE=1, CRED =D:\usr\sap\xxx\W00\sec\SAPSSLC.pse

We also tried below options in WebDispatcher profile but we are getting same problem.

wdisp/add_client_protocol_header = true

wdisp/add_clientprotocol_header = 1

wdisp/ssl_ignore_host_mismatch = true

#ICM Parameters

icm/HTTPS/forward_ccert_as_header = true

icm/HTTPS/trust_client_with_issuer = *

icm/HTTPS/trust_client_with_subject = *

we also tried

wdisp/ssl_encrypt = 0

wdisp/ssl_auth = 0

we also tried

wdisp/ssl_encrypt = 2

wdisp/ssl_auth = 2

We are not able to resolve issue. Please help us on resolving this issue.

Thanks

Praveen