on 09-28-2011 3:46 PM
Hello all,
after installing SAP Content Server 640 on a Windows 2008 R2 SP1 System
it is not possible to get Certificate on SAP TA : CSADMIN
when I click on the Certificate button I get the following Error Message
HTTP error: 500 (Internal Server Error) "CertBag::ReadCerts failed rc=5, Access is denied.
What does it mean ?
the IIS Version seems the Standard
Thanks for your help
Bet regards
Vito
Hi Vito,
could you please run report RSCMST for the affected repository to check for any errors?
For each repository the SAP Content Server maintains two files that keep
the system certificates in order to verify signatures. Both are named
as the repository, one with extension ".cert" and one with ".pse".
These certificates and pse files are stored in the "Security" Directory
below the server installation directory
(C:\program files\SAP\Content Server\Security).
To resolve the issue, remove all files from the Security directory and
make sure that the Security directory has access rights "full control"
for everyone.
After that, distribute a new certificate to the content server for the
repository in question and activate it. This should produce two files
'your_repository_name.cert and your_repository_name.pse.
Afterwards, please test if the same error occurs when you run this
program RSCMST.
Please also ensure that there are no errors reported in transaction
STRUST; the system pse should have a green bauble associated with it.
The error:
HTTP error: 500 (Internal Server Error) "CertBag::ReadCerts failed
rc=5, Access is denied means the content server cannot read the
security subfolder present in Content server installation directory.
Content Server is an ISAPI extension hence the user running the
process "inetinfo" should have sufficiant authorizations to
read and write in to Content Server Installation folder.
Ususaly the default users would be "SYSTEM" or "NETWORK SERVICE"
you can verify this in the windows task manager processes tab the
user of inetinfo process.
Please provide Full access authorizations to these users. Please
provide full access to this directory and all its sub directories to
the NETWORK SERVICE user?
Please also ensure that you follow the recommendations within the
SAP note 851146.
Best regards,
Christoph
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
thank you very much!!!
Your advice about rights on directory was very helpfull.
"These certificates and pse files are stored in the "Security" Directory
below the server installation directory
(C:\program files\SAP\Content Server\Security).
To resolve the issue, remove all files from the Security directory and
make sure that the Security directory has access rights "full control"
for everyone."
User | Count |
---|---|
88 | |
7 | |
6 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.