on 12-14-2006 8:53 PM
I am trying to send PO to vendors using https post using RFC and PROXY. I have installed the SAP Crypto library and configured SSL as stated below. I am not sure what is missing .
If I need to snd the PO what certificates hsould I import in strust from vendor and where. And what certificates should I send them.
Please let me know.
Thanks
Deleted all the certificates.
2. Restarted the system (usually if you restart ICM is enough)
3. Create System PSE
CN=NW5,
OU=IT,
OU=DAIMLERCHRYSLER,
O=SAP Trust Community, C=US, SP=MICHIGAN, L=AHILLS
4. Right Click on SSL Server and Click Create
CN= *.oddc.chrysler.com
OU=IT,
OU=DAIMLERCHRYSLER,
O=SAP Trust Community, C=US, SP=MICHIGAN, L=AHILLS
it creates the instance odxgsd03 with full host
odxsd03.oddc.chrysler.com under it.
5. Client on the instance odxgsd03 and click on create ceritifcate
request and copy from that window. and requested the server
certificate(trial 14 days) from verisign I am going forwarded the
verisign mail for that.
6. In note 510007 it says to import that certificate on instance under
SSL Server through option goto --> import certificate response. But
it didn't work then imported using import option at the bottom .
7. And also imported the test root ca, intermedite CA of verisign into
SSL Servers.
8. Then did sametime with SSL Client standard.(step 5 and 6).
9. Imported test and production Boise into SSL Client standard .
10. restarted the system.
11. SM59 RFC Name: BOISECASCADE type:G and connection failed .
And SMICM log gives following messages:
[Thr 2057] Tue Dec 12 21:57:44 2006
[Thr 2057] MatchTargetName("https://inet-portal.bcop.com", "CN=inet-
portal.bcop.com, OU=Terms of use at www.verisign.com/rpa (
[Thr 2057] SSL socket: local=53.231.101.48:42333
peer=53.231.44.20:9080
[Thr 2057] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x110e63c30)
==SSSLERR_SERVER_CERT_MISMATCH
[Thr 2057] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart fa
[attachment "cert.zip" deleted by Shashidhar Bathula/ITM/DCC/DCX] iled
(-30): SSSLERR_SERVER_CERT_MISMATCH [icxxconn
I am not sure what is going wrong.
Regarding step 6:
When importing the certificate response. Use base-64 encoded format. Also include the other certficate(s) in the chain. I.e: If there's on root, one intermediate then your signed certificate, your import text will look something like this:
-
BEGIN CERTIFICATE----
blablablabla
blablablabla
-
END CERTIFICATE----
-
BEGIN CERTIFICATE----
blablabla
blablablabla
-
END CERTIFICATE----
-
BEGIN CERTIFICATE----
blablabla
blablablabla
-
END CERTIFICATE----
-AD
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I didn't how will import them at once. I have imported one by one. please could you explain it
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi AD,
I have done imported the root CA, intermediate CA and signed certificate one by one from verisign into SSL Server. And used base-64 encoded format. But I haven't imported the all at once. And those certificates addded to the certificate list.
And did the same thing with SSL Client Standard(default).
My question is if I need to connect to Vendor site(using https) what certificates I should send to them. And what certificates I should request from them. And where I should import the vendor's certificate. If possible please provide the email id so that I can send the screenshot.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
94 | |
11 | |
11 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.