cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTPS Mutual Authentication for WebServices

Former Member

on ‎05-10-2010 8:13 PM

0 Kudos

Hi,

For one of our Vendors we need to connect using HTTPS with mutual authentication.

We are trying to set up RFC Destination with Type G with SSL = Active.

We loaded Vendor's cerificate into SSL Client Anonymous (STRUST). We gave our certificate from XI to the vendor to load in their server.

Now when we are trying to test this in SM59 we are getting ICM_HTTP_SSL_ERROR in PI System.

At Vendor's server, they are saying that it is not authenticating certificate correctly.

Can anyone give any pointers how to set up this correctly and how to debug to pinpoint the problem.Any helps is appreciated.

Regards,

Ramesh

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎05-11-2010 9:56 AM
0 Kudos

Hi,

check HTTPS Service is running on PI.

SMICM -> Goto -> Services

If not, get in touch with your basis team installing the SAPcryptoLib.

Cheers,

André

Show replies
Show replies
Former Member
‎05-11-2010 1:10 PM
0 Kudos

Thanks for your replies.

HTTPS is working ok. We have other HTTPS communication channels that are working.

Vendor Certificates are working OK with other SSL client tools tested by Vendor. Certificates are not expired.

Vendor system admin noticed that their system is requesting for client certificate and then it is failing.

We gave Self signed certificate to them to load in Vendor System. We loaded Vendor certificate in SSL Client(Standard).

But somehow it is failing while doing Mutual Authentication.

(We are setting RFC Destination with Type G - which is HTTP Connection to Ext Server)

Is there any special config we need to do for Mutual Authentication.

Regards,

Ramesh

former_member4985
Employee
Employee
‎05-10-2010 8:57 PM
0 Kudos

Hi Ramesh,

First of all, please check: http://help.sap.com/saphelp_nw04/helpdata/en/da/11df3a9b10355ae10000000a11405a/frameset.htm

The ICM_HTTP_SSL_ERROR is a configuration problem. The ICM can not

connect to the JAVA stack.

Please recheck the SSL configuration. Maybe some certificate has

expired or changed.

Please also check the following WebBlog:

/people/dezso.pap/blog/2008/01/25/ads-ssl-configuration-journal-i-abap--java-640--70x

Regards,

Caio Cagnani

Show replies
Show replies
Ask a Question