Issues with our SSL connection to the Web dispatcher

Former Member
0 Kudos

Hi all,

I am having issues with our SSL connection to the Web Dispatcher with SAP Web AS. Below is the error in the log file from dev_webdisp:

Started service 80 for protocol HTTP on host "wdpeht1"(on all adapters) (processing timeout=120, keep_alive_timeout=30)

[Thr 368] =================================================

[Thr 368] = SSL Initialization on PC with Windows NT

[Thr 368] = (701_REL,Jan 28 2010,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)

[Thr 368] profile param "ssl/ssl_lib" = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"

resulting Filename = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"

[Thr 368] profile param "ssl/server_pse" = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

resulting Filename = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

[Thr 368] = found SAPCRYPTOLIB 5.5.5C pl29 (Jan 30 2010) MT-safe

[Thr 368] = current UserID: WDPEHT1\SAPServiceWDP

[Thr 368] = found SECUDIR environment variable

[Thr 368] = using SECUDIR=E:\usr\sap\WDP\W00\sec

[Thr 368] *** ERROR => secudessl_Create_SSL_CTX(): PSE "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" not found! [ssslsecu.c 1354]

[Thr 368] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --

secude_error 4129 (0x00001021) = "The PSE does not exist"

[Thr 368] >> - Begin of Secude-SSL Errorstack - >>

[Thr 368] ERROR in SSL_CTX_set_default_pse_by_name: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

ERROR in ssl_set_pse: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

ERROR in af_open: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

ERROR in secsw_open: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

ERROR in secsw_open_pse_or_extension: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

ERROR in sec_get_PSEtype: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

[Thr 368] << - End of Secude-SSL Errorstack -


[Thr 368] *** ERROR => SapISSLAddCredential(): Error SSSLERR_PSE_ERROR trying to create SERVER Credential

for "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" [ssslxxi.c 2278]

[Thr 368] *** ERROR => Initialization of SSL library failed -- NO SSL available!

[Thr 368] =================================================

[Thr 368] <<- ERROR: SapSSLInit(read_profile=1)==SSSLERR_PSE_ERROR

[Thr 368] *** ERROR => IcmAddService: SapSSLInit (rc=-40): SSSLERR_PSE_ERROR [icxxserv.c 319]

[Thr 2128] IcmCreateWorkerThreads: created worker thread 0

Regards

Accepted Solutions (1)

Former Member
0 Kudos

Hi,

>The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

Does it exist? If yes, check it!

Regards,

Olivier

Former Member
0 Kudos

Hi Olivier,

Thanks for the reply.

The PSE does exist in my SEC "E:\usr\sap\WDP\W00\sec\SAPSSL.pse".

I tried again and I get this error. I think I am missing some parameter.

= SSL Initialization on PC with Windows NT

[Thr 2292] = (701_REL,Jan 28 2010,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)

[Thr 2292] profile param "ssl/ssl_lib" = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"

resulting Filename = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"

[Thr 2292] profile param "ssl/server_pse" = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

resulting Filename = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"

[Thr 2292] = found SAPCRYPTOLIB 5.5.5C pl29 (Jan 30 2010) MT-safe

[Thr 2292] = current UserID: WDPEHT1\SAPServiceWDP

[Thr 2292] = found SECUDIR environment variable

[Thr 2292] = using SECUDIR=E:\usr\sap\WDP\W00\sec

[Thr 2292] *** ERROR => secudessl_Create_SSL_CTX(): PSE "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" not found! [ssslsecu.c 1354]

[Thr 2292] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --

secude_error 1281 (0x00000501) = "open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned"

[Thr 2292] >> - Begin of Secude-SSL Errorstack - >>

[Thr 2292] ERROR in SSL_CTX_set_default_pse_by_name: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in ssl_set_pse: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in af_open: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in secsw_open: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in secsw_open_pse_or_extension: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in sec_get_PSEtype: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in aux_read_PSEFile: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

ERROR in aux_file2OctetString: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"

[Thr 2292] << - End of Secude-SSL Errorstack -


[Thr 2292] *** ERROR => SapISSLAddCredential(): Error SSSLERR_PSE_ERROR trying to create SERVER Credential

for "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" [ssslxxi.c 2278]

[Thr 2292] *** ERROR => Initialization of SSL library failed -- NO SSL available!

[Thr 2292] =================================================

[Thr 2292] <<- ERROR: SapSSLInit(read_profile=1)==SSSLERR_PSE_ERROR

[Thr 2292] *** ERROR => IcmAddService: SapSSLInit (rc=-40): SSSLERR_PSE_ERROR [icxxserv.c 319]

Here are my profile parameters for HTTPS.

#Https parameters for Web dispatcher E:\usr\sap\WDP\W00\sec

#----


#icm/server_port_0 = PROT=HTTPS,PORT=443$$

DIR_INSTANCE = E:\usr\sap\WDP\W00\sec

ssl/ssl_lib = E:\usr\sap\WDP\W00\sec\sapcrypto.dll

ssl/server_pse = E:\usr\sap\WDP\W00\sec\SAPSSL.pse

wdisp/ssl_cred = E:\usr\sap\WDP\W00\sec\SAPSSL.pse

ssf/ssfapi_lib = E:\usr\sap\WDP\W00\sec\sapcrypto.dll

sec/libsapsecu = E:\usr\sap\WDP\W00\sec\sapcrypto.dll

ssf/name = SAPSECULIB

wdisp/ssl_encrypt = 0

icm/server_port_1=PROT=HTTPS, PORT=8400, TIMEOUT=120

###icm/server_port_1=PROT=HTTPS, PORT=44302, TIMEOUT=900 (old)

########icm/server_port_0 = PROT=HTTP,PORT=80, TIMEOUT=120

icm/HTTPS/verify_client=0

wdisp/add_client_protocol_header = true

wdisp/auto_refresh = 120

wdisp/max_servers = 100

wdisp/ssl_auth= 0

#........................................

ms/https_port = 8400

wdisp/HTTP/use_pool_for_new_conn=1

wdisp/HTTPS/dest_logon_group = HTTPS

#wdisp/server_info_protocol = https

#wdisp/group_info_protocol = https

#wdisp/url_map_protocol = https

wdisp/ssl_ignore_host_mismatch = fals

icm/HTTPS/forward_ccert_as_header = true

icm/HTTPS/trust_client_with_issuer = CN = SAP CA,*

icm/HTTPS/trust_client_with_subject = CN = sapwebdisp,*

Regards

Former Member
0 Kudos

Hi Reza,

OK, it exists, but it seems it cannot be read because of file system rights.

The problem does not seem to be on the web dispatcher configuration side.

Regards,

Olivier

Former Member
0 Kudos

Hi Olivier,

I have Windows as the OS. Any idea how I can solve this permission problem?

Thanks

Former Member
0 Kudos

Hi again,

>I have Windows as the OS. Any idea how I can solve this permission problem?

Right click --> Properties. Check the user which runs the web dispatcher.

Another idea: did you set a password on the SAPSSL.pse file?

Regards,

Olivier

Former Member
0 Kudos

Hi,

In Properties, I checked that the user which runs the web dispatcher has all permissions.

I used this command to create SAPSSL.pse:

sapgenpse get_pse -p SAPSSL.pse -x ssipin -r SAPSSL.req "CN=wdpeht1.ssi.ad, OU=ssi, OU=SAP

I did not set a password on the SAPSSL.pse file.

Regards,

Former Member
0 Kudos

>sapgenpse get_pse -p SAPSSL.pse -x ssipin -r SAPSSL.req "CN=wdpeht1.ssi.ad, OU=ssi, OU=SAP

>I did not set a password on the SAPSSL.pse file.

Sorry, yes you did and the password (pin) is "ssipin".

So did you create the mandatory credentials to open the PSE file? (sapgenpse seclogin ....) It seems not to me...

Check [http://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/9a9a6b48c673e8e10000000a42189b/frameset.htm]

Regards,

Olivier

Answers (0)
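
The two trace excerpts in this thread fail with different secude error codes (4129, then 1281), and each points to a different check. The following is an added example, not part of the original posts and not SAP code: a small triage function that reads a dev_webdisp excerpt and reports the service user, the PSE path, the error code and the last errorstack frame. The function name, the hint wording and the trimmed sample inputs are assumptions made for illustration.

```python
import re

FRAME = re.compile(r'ERROR in (\w+): \((\d+)/0x[0-9A-Fa-f]+\) (.+)')
USER = re.compile(r'current UserID: (\S+)')
PSE = re.compile(r'profile param "ssl/server_pse" = "([^"]+)"')

# Hints keyed by secude error code; wording follows the replies in the thread.
HINTS = {
    4129: "PSE not found: confirm the file exists at the ssl/server_pse path",
    1281: "PSE cannot be opened: check file-system rights for the service "
          "user, and PSE credentials (sapgenpse seclogin) if a PIN was set",
}

def triage(trace):
    """Summarise one SSL initialisation attempt from a dev_webdisp excerpt."""
    frames = [(m.group(1), int(m.group(2)), m.group(3).strip())
              for m in FRAME.finditer(trace)]
    user, pse = USER.search(trace), PSE.search(trace)
    # The errorstack in the thread lists outer calls first, so the last
    # frame is the deepest one and carries the most specific message.
    func, code, detail = frames[-1] if frames else (None, None, None)
    return {
        "user": user.group(1) if user else None,
        "pse": pse.group(1) if pse else None,
        "code": code,
        "last_frame": func,
        "detail": detail,
        "hint": HINTS.get(code, "no errorstack or unmapped error code"),
    }

# Constructed input: a few lines taken from each excerpt posted in the thread.
FIRST = r'''
[Thr 368] profile param "ssl/server_pse" = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
[Thr 368] = current UserID: WDPEHT1\SAPServiceWDP
[Thr 368] ERROR in SSL_CTX_set_default_pse_by_name: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
ERROR in sec_get_PSEtype: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
'''
SECOND = r'''
[Thr 2292] profile param "ssl/server_pse" = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
[Thr 2292] = current UserID: WDPEHT1\SAPServiceWDP
ERROR in af_open: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
ERROR in aux_file2OctetString: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
'''

if __name__ == "__main__":
    for excerpt in (FIRST, SECOND):
        print(triage(excerpt))
```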