on 10-20-2014 12:55 PM
Hi,
I am trying to enable SSL on a J2ee 7.31 that is used for SSO via SAP Webdispatcher
I have followed the information in
https://help.sap.com/saphelp_nw73/helpdata/en/4a/015cc68d863132e10000000a421937/frameset.htm
I have created the Keypair and added the parameters:
icm/server_port_4 = PROT=HTTPS, PORT=50001, VCLIENT=1, TIMEOUT=60, PROCTIMEOUT=600
and
ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)
and in SAP MMC the HTTPS port 50001 for icm is active, but when looking in NWA-configuration-SSL it says the SSL port "50001": Not active
What could be the reson for this and how do I get it to work?.
I have checked my Cryptlib and everything looks ok, I have testet the SSL in the browser and it works (yes I get a warning that the certificate is not trusted, but thats expected)
When I try to connect from the webdispatcher I can se in the trace the following:
<<- SapSSLGetPeerInfo(sssl_hdl=0000000029ECAC20)==SAP_O_K
[Thr 7140] out: cert_len = <no cert>
[Thr 7140] out: cipher = "TLS_RSA_WITH_AES128_CBC_SHA"
[Thr 7140] HttpSubHandlerItDeactivate: handler 0: HttpAuthHandler
[Thr 7140] HttpSubHandlerCall: Call Handler: HttpModHandler (00000000009793B0/0000000000979BE0), task=TASK_REQUEST(1), header_len=685
I have added the Client crt from the J2EE to the WebDispatchers PSE and the the WebDispatchers Client crt to the J2EE's PSE (as I have done on other setup like this)
Does anyone have a clue that might help
Regards
I fixed the problem,
It was the port configuration that went wrong
Took me a while to figure out
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Torben,
Can you please check SAP note 1722052 - JAVA AS SSL service access to SAPControl WS
What sp level of 7.31 are you currently using?
regards,
James
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
89 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.