Skip to Content
avatar image
Former Member

Doubts regarding setup SSL and HTTPS connectivity (Note 1901250)


I´m some doubts regarding the setup that I need to perform cover in the SAP note 1901250 - PT: WS - Online communication to AT : Technical Req

1. Check configuration/Installation of SSL on Web Application server ABAP, and if it is not configured in your system then Apply note number 510007

--> How can I check the configuration/installation of SSL in our SAP ERP systems? Can you tell me please?

7. You must have HTTPS connectivity from your ERP landscape to the address and

HTTPS Traffic should be open for the ports 701(Test port), 401(Production port) in both directions in your Firewall, between all ERP servers and WWW.

--> How can I garantee the HTTPS connectivity from our ERP system to the some addresses? Can you explain me that please?

I should setup anything in SMICM or SICF transactions? If yes, what and how?

Kind regards,

samid raif

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Sep 04, 2014 at 12:55 AM
    Add comment
    10|10000 characters needed characters exceeded

    • Former Member


      Same problem here.

      I want to connect to the AT Webservice using a SAP XI 7.0 between ERP and Webservice

      I installed all certificates as described in the SAP notes 2054553 - PT: WS - Online communication to AT: Certificates  1901250 - PT: WS - Online communication to AT : Technical Req

      I have a HTTP receiver communication channel which refers to my RFC HTTP destination (type G).

      In my RFC destination I set SSL client-certificate to the entry of the individual certificate list which I created during the certificate Installation in STRUST.

      When I'm testing the RFC connection I'm getting following errors in ICM trace...

      Can anybody help me?

      How can I set the necessary parameter ssl/client_ciphersuites?


      SAP Cryptolib is:

      SSFLIB Version 1.840.40 ; CommonCryptoLib (SAPCRYPTOLIB) Version 8.4.19 (+MT) #Copyright (c) SAP AG, 2011-2014#compiled for aix-6.1-ppc-64#

      [Thr 2314] IcmConnInitClientSSL: initiate proxy-connect with

      [Thr 2314] IcmConnProxyHandshake: send proxy-authorization header for user: xxx

      [Thr 2314] NiIWrite: hdl 121 sent data (wrt=160,pac=1,RAW_IO)

      [Thr 2314] NiIRead: hdl 121 recv would block (errno=EAGAIN)

      [Thr 2314] Fri Sep 12 14:42:49 2014

      [Thr 2314] NiIRead: hdl 121 received data (rcd=39,pac=1,RAW_IO)

      [Thr 2314] data (39) from proxy:

      [Thr 2314] HTTP/1.1 200 Connection established#

      [Thr 2314] #

      [Thr 2314]

      [Thr 2314] ICT: IctIHttpOpenMessage: 1177e5f70 typ=2

      [Thr 2314] ICT: IctHttpCloseMessage( 1177e5f70 ) -> u=0 rc=0

      [Thr 2314] <<- SapSSLSessionInit()==SAP_O_K

      [Thr 2314]      in: args = "role=1 (CLIENT), auth_type=3 (USE_CLIENT_CERT)"

      [Thr 2314]     out: sssl_hdl = 11779bbf0

      [Thr 2314] NiIBlockMode: set blockmode for hdl 121 TRUE

      [Thr 2314]   SSL NI-sock: local=xxx.xx.xx.xx:32937  peer=Xx.xx.x.xx:8080

      [Thr 2314] <<- SapSSLSetNiHdl(sssl_hdl=11779bbf0, ni_hdl=121)==SAP_O_K

      [Thr 2314]   SapISSLComposeFilename(): Filename = "/usr/sap/XIE/DVEBMGS26/sec/SAPSSLWPSTAT.pse"

      [Thr 2314] <<- SapSSLSetSessionCredential(sssl_hdl=11779bbf0)==SAP_O_K

      [Thr 2314]      in: cred_name = "/usr/sap/XIE/DVEBMGS26/sec/SAPSSLWPSTAT.pse"

      [Thr 2314] IcmConnInitClientSSL: using pse /usr/sap/XIE/DVEBMGS26/sec/SAPSSLWPSTAT.pse, show client certificate if available

      [Thr 2314] <<- SapSSLSetTargetHostname(sssl_hdl=11779bbf0)==SAP_O_K

      [Thr 2314]      in: hostname = ""

      [Thr 2314] Fri Sep 12 14:42:50 2014

      [Thr 2314] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_CONNECTION_LOST

      [Thr 2314]    session uses PSE file "/usr/sap/XIE/DVEBMGS26/sec/SAPSSLWPSTAT.pse"

      [Thr 2314] No Secude Error present in trace stack!

      [Thr 2314]   SSL_get_state() returned 0x000021d0 "SSLv3 read finished A"

      [Thr 2314]   No certificate request received from Server

      [Thr 2314] <<- ERROR: SapSSLSessionStart(sssl_hdl=11779bbf0)==SSSLERR_SSL_CONNECT

      [Thr 2314] <<- SapSSLErrorName()==SSSLERR_SSL_CONNECT

      [Thr 2314] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT {00010073} [icxxconn_mt.c 198

      [Thr 2314] <<- SapSSLSessionDone()==SAP_O_K

      [Thr 2314]      in: sssl_hdl   = 11779bbf0

      [Thr 2314]          ... ni_hdl = 121