cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTPS/SSL and the Fileadapter

Former Member

on ‎04-05-2004 2:36 PM

0 Kudos

I get this message while setting up SSL with a PKCS12 certificate. What can be wrong.

I created a certificate with the Simple CA tool, signed it, exported it as PKCS12 and put this file in the config of the HTTPservice.

When starting an outbound file adapter the message below apears in the services trace.

Info from services trace

Apr 5, 2004 11:57:49 AM ...ap.aii.messaging.net.HTTPServer.run()

[Thread-26] Error: java.lang.Exception:at com.sap.aii.messaging.net.SSLServerSocketFactory.create(SSLServerSocketFactory.java:112)at com.sap.aii.messaging.net.HTTPServer.run(ServerHttpImpl.java:244)

In the outbound log the message below appears:

          • Mon Apr 05 15:32:54 CEST 2004 *****

15:32:54 (4024): Initializing file adapter failed with

com.sap.aii.messaging.net.TransportException: ERROR creating SSL server port 8250:

iaik/security/provider/IAIK

15:32:54 : Error(s) in adapter configuration parameters found:

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎04-05-2004 3:40 PM
0 Kudos

I did succeed some time ago to configure the file adapter with a PKCS12 keystore on Solaris 8.

Please check:

- using 1.3 JVM?

- iaik_jce.jar and iaik_ssl.jar in classpath?

- BaseConfiguration/HttpServer.properties contains

HTTP.SSLcertificate=xxx.p12^M

HTTP.SSLcertificatePassword=password^M ?

- the PKCS12 keystore contains exactly one certificate?

Regards, Guyy Crets

PS: I used Keytool GUI to create PKCS12 keystore

(http://www.waynegrant.info/keytool.html)

Show replies
Show replies
Former Member
‎04-06-2004 8:57 AM
0 Kudos

Guy,

first of all: My problem is solved. Thanks for the info.

I had made a typing mistake in the classpath (forgot a / somewhere).

Then i had a new problem.

<i>nitializing file adapter failed with

com.sap.aii.messaging.net.TransportException: ERROR creating SSL server port 8250:

null</i>

This was caused by my PKCS12 which had the certificate I needed as wel as the root certificate.

After removing the root certificate with Key Tool Gui (It is a great tool: Thank you for that) my problem was solved.

Although it is solved I am curious on why is it not allowed to have 2 certificates in the PKCS12. Is it described somewhere ?

Former Member
‎04-06-2004 12:02 PM
0 Kudos

Theo,

If multiple certificates would be present, the adapter engine doesn't know which server certificate to use. An alternative would be an extra parameter that refers to the certificate to be used.

Regards, Guy

Former Member
‎04-06-2004 12:56 PM
0 Kudos

Guy,

Thanks. I also found a line in the description of PKCS12 on the openssl.org where something similar is mentioned.

I suppose this alternative parameter is not available in XI 2.0 ?

Theo

Former Member
‎04-06-2004 6:04 PM
0 Kudos

Indeed, such parameter is missing. Guy

Former Member
‎04-07-2006 2:03 PM
0 Kudos

Hi Theo ,

I understand you have installed SSL for file adapter.

I am thinking you are trying to use FTPS feature.

Can you give me the steps I need to take to use FTPS (FTP over SSL).

1. How can I make sure that java cryptology tool kit installed properly? Where can I check in visual admin?

2. Is there any document which explains all the steps to use FTPS apart from help.sap.com

Thank you

Ganges

Ask a Question