cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL mismatch while sending PO usingHTTPS

Go to solution
Former Member

on ‎12-14-2006 8:53 PM

0 Kudos

I am trying to send PO to vendors using https post using RFC and PROXY. I have installed the SAP Crypto library and configured SSL as stated below. I am not sure what is missing .

If I need to snd the PO what certificates hsould I import in strust from vendor and where. And what certificates should I send them.

Please let me know.

Thanks

Deleted all the certificates.

2. Restarted the system (usually if you restart ICM is enough)

3. Create System PSE

CN=NW5,

OU=IT,

OU=DAIMLERCHRYSLER,

O=SAP Trust Community, C=US, SP=MICHIGAN, L=AHILLS

4. Right Click on SSL Server and Click Create

CN= *.oddc.chrysler.com

OU=IT,

OU=DAIMLERCHRYSLER,

O=SAP Trust Community, C=US, SP=MICHIGAN, L=AHILLS

it creates the instance odxgsd03 with full host

odxsd03.oddc.chrysler.com under it.

5. Client on the instance odxgsd03 and click on create ceritifcate

request and copy from that window. and requested the server

certificate(trial 14 days) from verisign I am going forwarded the

verisign mail for that.

6. In note 510007 it says to import that certificate on instance under

SSL Server through option goto --> import certificate response. But

it didn't work then imported using import option at the bottom .

7. And also imported the test root ca, intermedite CA of verisign into

SSL Servers.

8. Then did sametime with SSL Client standard.(step 5 and 6).

9. Imported test and production Boise into SSL Client standard .

10. restarted the system.

11. SM59 RFC Name: BOISECASCADE type:G and connection failed .

And SMICM log gives following messages:

[Thr 2057] Tue Dec 12 21:57:44 2006

[Thr 2057] MatchTargetName("https://inet-portal.bcop.com", "CN=inet-

portal.bcop.com, OU=Terms of use at www.verisign.com/rpa (

[Thr 2057] SSL socket: local=53.231.101.48:42333

peer=53.231.44.20:9080

[Thr 2057] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x110e63c30)

==SSSLERR_SERVER_CERT_MISMATCH

[Thr 2057] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart fa

[attachment "cert.zip" deleted by Shashidhar Bathula/ITM/DCC/DCX] iled

(-30): SSSLERR_SERVER_CERT_MISMATCH [icxxconn

I am not sure what is going wrong.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎12-15-2006 8:29 AM
0 Kudos

Regarding step 6:

When importing the certificate response. Use base-64 encoded format. Also include the other certficate(s) in the chain. I.e: If there's on root, one intermediate then your signed certificate, your import text will look something like this:

-

BEGIN CERTIFICATE----

blablablabla

blablablabla

-

END CERTIFICATE----

-

BEGIN CERTIFICATE----

blablabla

blablablabla

-

END CERTIFICATE----

-

BEGIN CERTIFICATE----

blablabla

blablablabla

-

END CERTIFICATE----

-AD

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎12-15-2006 1:47 PM
0 Kudos

I didn't how will import them at once. I have imported one by one. please could you explain it

Show replies
Show replies
Former Member
‎12-15-2006 12:56 PM
0 Kudos

Hi AD,

I have done imported the root CA, intermediate CA and signed certificate one by one from verisign into SSL Server. And used base-64 encoded format. But I haven't imported the all at once. And those certificates addded to the certificate list.

And did the same thing with SSL Client Standard(default).

My question is if I need to connect to Vendor site(using https) what certificates I should send to them. And what certificates I should request from them. And where I should import the vendor's certificate. If possible please provide the email id so that I can send the screenshot.

Show replies
Show replies
Former Member
‎12-15-2006 1:34 PM
0 Kudos

To import the certificate response OK you have to import them all at once.

-AD

Ask a Question