cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTPS Connection to Ext server/ SSL Client certificates not displayed

Go to solution
Former Member

on ‎11-22-2005 3:46 PM

0 Kudos

Hi all,

I have followed the following steps to set up HTTPS communication with an external server

1. Installed/Loaded the Certificates in ABAP, STRUST in both SSL Client (Anonymous) and SSL Client (Standard)

2. Installed/Loaded the Certificates in J2EE in Key Storage, Trusted CA's

3. Restarted the ICM

Now In the HTTP adapter Comm channel, i have selected 'HTTP Destination' and in sm59 i have created an RFC destination of Type G and then in the login/security i am selecting SSL Client certificate.

Now my question is

1. Will the certificates that have been installed on ABAP/J2EE visible in SSL Client Certificates dropdown of SSL Client Certificate in login/security tab of RFC destination.

Curently i am not able to see any of the SSL certificates in the combo box, it this a problem. How do i rectify that. I am able to see only Detault SSL Client (Standard)

2. Is the installation of Certificates on both ABAP and Java Stacks necessay. Or it needs to be loaded only on ABAP/ Java Alone..?

3. Is the installation of cryptographic libraries mandarory for SSL Communication. (In help.sap.com it is listed as mandatory, but has anyone tried without installing cryptographic libraries).

Inputs required.

Regards,

Siva Maranani

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
‎11-24-2005 4:14 PM
0 Kudos

See my respone in the other thread:

Cheers, Wolfgang

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎11-22-2005 4:00 PM
0 Kudos

Hi Siva,

1) you should select "basic authentication" so you can see the ananoym ssl client.

Certificates will Not be displayed.

2) I dont remember anything of that kind, ABAP stack is sufficient i think

3) I dont think it is required, cos I dont remember doing anything like that.

well redg #3, I am not sure, but for new clients I have not done this, probably this was one time installation or something where they would have done for the first one.

anyway, keep us posted with ur trials

remember to give target host, path prefix & service no in & proxy settings the "technical settings" tab

hope this fixes your issue

Regards

Vishnu

Show replies
Show replies
Former Member
‎11-22-2005 4:17 PM
0 Kudos

Hi VishnuKanth,

>>1) you should select "basic authentication" so you can >>see the ananoym ssl client.Certificates will Not be >>displayed.

But i want to select the certificate that i have installed previously, when communicating with the external server.

B'cos selecting "basic authentication" means a username/ password and SSL means selecting an SSL certificate that we have installed.

Kindly correct me if i am wrong.

Cheers,

Siva Maranani

Former Member
‎11-22-2005 4:30 PM
0 Kudos

Hi Siva,

The technical settings tab identifies your certificate (Common Name CN.. etc), but you need not select the appropriate cert (& there is no option as well). The connection works even without UID/PWD in the logon settings (also, I have seen UID/PWD settings for couple of default SSL clients).

Also remember, that when you set-up the connection & test, you may hit the server but there might be errors in the output (which are because of improper input msg),if you are able to hit the server then your "https" connection is through, not to worry abt server response.

Regards

Vishnu

Former Member
‎11-22-2005 4:53 PM
0 Kudos

Hi VishnuKanth,

>> technical settings tab identifies your certificate

>>(Common Name CN.. etc),

Can you elaborate me on that.

B'cos Technical settings just contain Target Host, Service No, Path Prefix. So you mean to say that based upon these 3 params the appropriate certificate is selected from the STRUST store and then it hits the external server.

YES, when i perform a Test Connection, i get HTTP/1.0 200OK with some explqnqtion in the body (as mentioned in you post).

Also when i Test my conenction i get the following Error in sxmb_moni,

<SAP:Category>XIAdapter</SAP:Category>

<SAP:Code area="PLAINHTTP_ADAPTER">ATTRIBUTE_SERVER</SAP:Code>

<SAP:P1>403</SAP:P1>

<SAP:P2>Forbidden</SAP:P2>

<SAP:P3>Service Error</SAP:P3>

<SAP:P4 />

<SAP:AdditionalText />

<SAP:ApplicationFaultMessage namespace="" />

<SAP:Stack>Http server code 403 reason Forbidden explanation Service Error</SAP:Stack>

<SAP:Retry>M</SAP:Retry>

Cheers,

Siva Maranani

Ask a Question