Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL on Web Dispatcher

Former Member

‎11-02-2007 4:05 PM

0 Kudos

Hi,

I've been trying to implement SSL on our Web Dispatcher. We are terminating the SSL connection at the Web Dispatcher. We can successfully login to the admin using regular HTTP, the issues happen when trying to use HTTPS

http://blah.ca:8888/sap/wdisp/admin works when you change PROT to HTTP

https://blah.ca:8888/sap/wdisp/admin does NOT work when you change PROT to HTTPS

We followed the steps outlined in http://help.sap.com/saphelp_nw70/helpdata/en/39/09a63d7af20450e10000000a114084/frameset.htm

Steps taken:

Installed the Cryptographic Library on the Web Dispatcher

Setup the profile parameters

Created the PSE and certificate request

Sent the certificate to be signed

Imported the certificate response

Created credentials

Restarted the Web Dispatcher

Tried to test HTTPS, failed.

Here is a list of our current profile parameters (for scenario SSL termination at Web Dispatcher)

  1. Profile generated by sapwebdisp bootstrap

  1. unique instance number

SAPSYSTEM = 7

  1. add default directory settings

DIR_EXECUTABLE = E:\usr\sap\RD3\SYS\exe\nuc\NTAMD64\

DIR_INSTANCE = E:\usr\sap\RD3\SYS\exe\nuc\NTAMD64\

  1. Accessibility of Message Servers

rdisp/mshost = blah.ca

ms/http_port = 8100

  1. SAP Web Dispatcher Parameter

wdisp/auto_refresh = 120

wdisp/max_servers = 100

wdisp/shm_attach_mode = 6

  1. configuration for default scenario (medium size)

icm/max_conn = 500

icm/max_sockets = 1024

icm/req_queue_len = 500

icm/min_threads = 10

icm/max_threads = 50

mpi/total_size_MB = 80

#maximum number of concurrent connections to one server

wdisp/HTTP/max_pooled_con = 500

wdisp/HTTPS/max_pooled_con = 500

  1. SAP Web Dispatcher Ports

icm/server_port_0 = PROT=HTTPS,PORT=8888

icm/server_port_1 =

  1. SAP Web Dispatcher Web Administration

icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=E:\usr\sap\RD3\SYS\exe\nuc\NTAMD64\admin,AUTHFILE=E:\usr\sap\RD3\SYS\exe\nuc\NTAMD64\icmauth.txt

#----

#Added to enable SSL

#----

ssl/ssl_lib = E:\usr\sap\RD3\SYS\exe\nuc\NTAMD64\sapcrypto.dll

ssl/server_pse = E:\usr\sap\RD3\SYS\exe\nuc\NTAMD64\sec\SAPSSLS.pse

wdisp/ssl_encrypt = 0

wdisp/add_client_protocol_header = true

icm/HTTPS/verify_client = 0

Will award points for any help. Thanks!

1 REPLY 1

Former Member

‎11-02-2007 5:43 PM

0 Kudos

Issue had to do with security on the /sec directory. The user running the Web Dispatcher must have rights in there.