on 12-06-2013 8:46 AM
Dear Team,
We are facing the below issue after enabling the imported the SSL server & SSL clinet certificates.
[Thr 3180] SSL NI-sock: local=127.0.0.1:4144 peer=127.0.0.1:50101
[Thr 3180] <<- ERROR: SapSSLSessionStart(sssl_hdl=00000000011FECB0)==SSSLERR_SERVER_CERT_MISMATCH
[Thr 3180] *** ERROR => IcmConnPoolConnect: SapSSLSessionStart failed (-30): SSSLERR_SERVER_CERT_MISMATCH [icxxpool.c 2097]
[Thr 3180] *** ERROR => Cannot reach external Application Server on localhost:50101 {00030597} [http_j2ee.c 820]
regards,
Manoj K
Hi,
You try to set up a secure connection for a server in the form "https://<server name>:<port>". However, the certificate that is returned by the server is issued for a different server name and is therefore rejected. In particular, this happens if you use the IP address of the server instead of the server name in the URL.
You must be able to access the server under the address for which the certificate was issued. For example, if the server certificate was issued to the name "CN=www.sap.com, C=DE", then you must be able to access the server using the URL "https://www.sap.com"
For more info please read it .
1318906 - Trace analysis of SSL problems
So please check what was the name that you requested the certs.
Thanks
Rishi Abrol
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Both,
Let me explain the reason why I got the "SSSLERR_SERVER_CERT_MISMATCH" error in the SMICM trace.
Reason :
=> And also import ssl-credentials-cert from Visual Admin in to the SSL server standard in STRUST.
Above steps are not performed in my system , that is the reason why I am getting the above error.
I have followed the above steps and now I dont see that error. Issue got fixed.
PS: If you don't see the HTTPs port (5$$01) under Active sockets, please follow below SAP notes.
1705065 - Active Socket Ports not visible on Visual Administrator after a restart
1892723 - Active Sockets of SSL Provider service shows blank/disappear after system restart
Thank you for the support.
Best Regards,
Manoj K
Hi Manoj,
1. I assume that this is with the portal?
2. Which version of NetWeaver are you running?
3. What is the server name in the certificate? It looks like 'localhost' above, and that's not a good idea.
4. Has the certificate request been raised and sent?
5. If so, has it been returned?
can you give us some more info so that we can assist?
Regards,
Graham
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.