on 07-25-2008 1:05 PM
Hi,
I need to configure SSL so that we can access the portal through https.
I am getting struck in last step.
I have done till Configuration Adapter changes. I have set the entries for startup-mode as always under Propertysheet ssl-runtime.
After that under SSL provider I am not able to find the 50001 port under Active Socket.
How can I add that ? Under active socket I am able to view 50003 and 50006 port only.
I got following details in the trace file... any idea ??
Cannot open HTTPS server socket on port 50001Check port for usage by another process.
com.sap.engine.services.ssl.exception.BaseIOException: General I/O Exception.
at com.sap.engine.services.ssl.exception.BaseIOException.wrapException(BaseIOException.java:81)
at com.sap.engine.services.ssl.factory.SSLTransportFactory.getServerSocket(SSLTransportFactory.java:90)
at com.sap.engine.core.port.impl0.TransportLayerImpl.openServerSocket(TransportLayerImpl.java:76)
at com.sap.engine.core.port.impl0.PortsManagerImpl.registerTCPListener(PortsManagerImpl.java:270)
at com.sap.engine.core.port.impl0.PortsManagerImpl.registerTCPListener(PortsManagerImpl.java:255)
at com.sap.engine.core.service630.context.cluster.session.CommunicationSessionContextImpl.openServerSocket(CommunicationSessionContextImpl.java:82)
at com.sap.engine.services.httpserver.dispatcher.HttpDispatcherFrame.openSocket(HttpDispatcherFrame.java:752)
at com.sap.engine.services.httpserver.dispatcher.HttpDispatcherFrame.initChangedPorts(HttpDispatcherFrame.java:850)
at com.sap.engine.services.httpserver.dispatcher.HttpDispatcherFrame.setServiceProperties(HttpDispatcherFrame.java:632)
at com.sap.engine.core.service630.container.ContainerEventListenerWrapper.setServiceProperties(ContainerEventListenerWrapper.java:287)
at com.sap.engine.core.service630.container.ServiceWrapper.notifyPropertiesChange(ServiceWrapper.java:269)
at com.sap.engine.services.basicadmin.mbean.StandardServiceManagement.notifyServiceOfPropertiesChange(StandardServiceManagement.java:417)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58)
at com.sap.pj.jmx.mbeaninfo.AdditionalInfoProviderMBean.invoke(AdditionalInfoProviderMBean.java:289)
at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944)
at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288)
at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409)
at com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277)
at com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258)
at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340)
at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)
at com.sap.engine.services.jmx.MBeanServerInvoker.invokeMbs(MBeanServerInvoker.java:131)
at com.sap.engine.services.jmx.JmxServiceConnectorServer.receiveWait(JmxServiceConnectorServer.java:172)
at com.sap.engine.core.service630.context.cluster.message.MessageListenerWrapper.process(MessageListenerWrapper.java:81)
at com.sap.engine.core.cluster.impl6.ms.MSListenerThread.run(MSListenerThread.java:47)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
Caused by: java.net.BindException: The socket name is already in use.
at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:381)
at java.net.ServerSocket.bind(ServerSocket.java:341)
at java.net.ServerSocket.<init>(ServerSocket.java:208)
at java.net.ServerSocket.<init>(ServerSocket.java:164)
at com.sap.engine.core.port.impl0.BaseTransportFactory.getServerSocket(BaseTransportFactory.java:43)
at com.sap.engine.services.ssl.factory.SSLTransportFactory.getServerSocket(SSLTransportFactory.java:87)
... 31 more
Hi Experts,
I am facing the same issue. Just as I have done with other systems I have uploaded a correct PK12 key and a certificate (named ssl-credentials and ssl-credentials-cert). But even after a restart there is no socket showing (under SSL Provider in the Visual Admin) in either, active or new sockets.
Anyone know if these need to be initialized or created? I have setup 8+ systems in the landscapes with SSL and have not run into this issue yet. You never stop learning ...
I would greatly appreciate any input given.
Thanks in advance,
Jan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Niraj
Follow the below steps
Only if you have problems during the execution of the following configuration task then ensure that the SAP Cryptographic Library is installed correctly. How you can check and install the SAP Cryptographic Library is described in
The configuration task Configuring Secure Sockets Layer (SSL) - Therefore you do not have to execute this configuration task explicitly. During the configuration a certificate signing request will be generated and saved on the host under \usr\sap\<SID>\SYS\global\<SID>_SSL_Certificate_Request.pem
When the official process for server certificates is clarified you would send the file \usr\sap\<SID>\SYS\global\<SID>_SSL_Certificate_Request.pem to the Certificate Authority (CA) for signing. Afterwards you will get the signed request and have to save it under the file \usr\sap\<SID>\SYS\global\<SID>_SSL_Certificate_Response.pem.
For now you can use Test-CA:
a) Open the file \usr\sap\<SID>\SYS\global\<SID>_SSL_Certificate_Request.pem, copy the content.
b) Go to https://security.wdf.sap.corp/public/projects/iaik (Please use EMEA WTS for calling the URL if the page cannot be displayed at your local internet browser).
Scroll down and click on Test-CA.
c) A new window is opened. Click on u201CTest it Now!u201D, enter the text you have copied before and select SAP Web Application Server 6.20 and newer as server type.
d) Click on Continue.
e) You got a signed request shown. Copy and save it under the file \usr\sap\<SID>\SYS\global\<SID>_SSL_Certificate_Response.pem
Regards,
Jayakumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
24 | |
11 | |
9 | |
7 | |
5 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.