on 06-14-2012 12:14 AM
I am currently configuring a webdispatcher with end to end SSL config for a NWCE CI with 2 app servers running SAP Sourcing 7.0.
Does anyone have a good write up on how the configuration is to be done? Please don't refer to the SAP help pages, as I have already gone through that.
I have put the parameters in, but when coming in with HTTPS, the connection is not getting established on the webdispatcher.
here are the errors in the dev_webdisp file:
Thr 2588] *** ERROR => RoutePlgAttachToNewServer: IcrAttachToServer(75.176.70.225) for group HTTPS: rc=13 [route_plg.c 1220]
[Thr 2588] *** ERROR => RoutePlugInStartConn: RoutePlgAttachToNewServer(75.176.70.225): rc=-1 [route_plg.c 659]
[Thr 2588] *** ERROR => IcmConnInitServer: PluginStartConn failed (rc=701) [icxxconn.c 1477]
[Thr 824] *** ERROR => RoutePlgAttachToNewServer: IcrAttachToServer(75.176.70.225) for group HTTPS: rc=13 [route_plg.c 1220]
[Thr 824] *** ERROR => RoutePlugInStartConn: RoutePlgAttachToNewServer(75.176.70.225): rc=-1 [route_plg.c 659]
[Thr 824] *** ERROR => IcmConnInitServer: PluginStartConn failed (rc=701) [icxxconn.c 1477
Hi Jayson,
From your problem, it looks like that Web dispatcher is working fine for http. Hence you should have done below steps :
1) Configure web dispatcher logon group
2) Activate public ICF nodes
3) Create web duspatcher profile.
4) Ensure that ports are assign correctly in below parameters:
icm/server_port_0 = PROT=HTTP,PORT=445<XX>,TIMEOUT=…
icm/server_port_1 = PROT=HTTPS,PORT=446<XX>,TIMEOUT=…
icm/server_port_2 = PROT=ROUTER,PORT=447<XX>,TIMEOUT=…
icm/server_port_3 = PROT=HTTPS,PORT=448<XX>,TIMEOUT=…
icm/HTTP/admin_0 = PORT=448<XX>,PREFIX=…
5) Maintained web dispatcher start stop commands in Start profiles.
If you only have problem with https, SSL Libraries and PSE files required. You should installed crypgraphic libraries & generate PSE file with transaction Strustsso2.
To Update SSL Client PSE with SSL Server Public Keys:
1) set wdisp/ssl_encrypt = 2
2) Manually import SSL server Public keys as web dispatcher acts as an SSL client.
Check below screens for step 2.
Regards
Vishal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Vishal,
The webdispatcher is in front of a NWCE JAVA only system so the ABAP doesn't apply to me.
My webdispatcher is setup for end-to-end SSL using the PROT=ROUTER for port 443, so any HTTPS request that comes through, it just forwards it to the application server where it terminates.
The error i'm getting looks like the request is not being pushed to the backend application server correctly.
Here is my webdispatcher profile, can you see anything missing?
SAPSYSTEMNAME = XXX
SAPGLOBALHOST = XXXXXXX
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_CT_RUN)
DIR_PROFILE = $(DIR_INSTALL)\profile
_PF = $(DIR_PROFILE)\CWD_W00_XXXXXX
SETENV_00 = PATH=$(DIR_EXECUTABLE);%(PATH)
#-----------------------------------------------------------------------
# Accesssability of Message Server
#-----------------------------------------------------------------------
rdisp/mshost = XXXXX
ms/http_port = 8101
ms/https_port = 443
#-----------------------------------------------------------------------
# Configuration for medium scenario
#-----------------------------------------------------------------------
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80
#-----------------------------------------------------------------------
# SAP Web Dispatcher Ports
#-----------------------------------------------------------------------
icm/server_port_0 = PROT=HTTP,PORT=81$$
icm/server_port_1 = PROT=HTTP,PORT=80,TIMEOUT=3600,PROCTIMEOUT=3600
icm/server_port_2 = PROT=ROUTER,PORT=443,TIMEOUT=60,PROCTIMEOUT=60
#-----------------------------------------------------------------------
# Start webdispatcher
#-----------------------------------------------------------------------
_WD = $(DIR_EXECUTABLE)\sapwebdisp$(FT_EXE)
Start_Program_00 = local $(_WD) pf=$(_PF)
icm/HTTP/redirect_0 = PREFIX=/, FOR=XXXXXXXXXXXXXXX, TO=/sourcing/fsvendor/vendordesktop/login
wdisp/HTTPS/dest_logon_group = HTTPS
ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)
sec/libsapsecu = $(ssl/ssl_lib)
ssf/ssfapi_lib = $(ssl/ssl_lib)
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.