Skip to Content
avatar image
Former Member

Webdispatcher HTTPS-> HTTP activate

I want to configure Web a webdispatcher to <b>Receive</b> HTTPS And to <b>Forward</b> HTTP

I used this document Configuring" target="_blank">http://help.sap.com/saphelp_nw04/helpdata/en/65/6a563cef658a06e10000000a11405a/content.htm">Configuring the SAP Web AS for Supporting SSL

-


The webdispatcher is on D:\sapwebdisp2\

The Sap Cryptographic is on D:\sapwebdisp2\Crypto\

The server is Windows IIS with Environment variable parameter

SECUDIR = D:\sapwebdisp2\Crypto\sec

I defined file parameter of Webdispatcher : sapwebdisp.pfl as :

-


  1. unique instance numberSAPSYSTEM = 31

  2. Accesssability of Message Servers

rdisp/mshost = <server-portal>

ms/http_port = 8101

  1. SAP Web Dispatcher Parameter

wdisp/auto_refresh = 120

wdisp/max_servers = 100

  1. SAP Web Dispatcher Ports

icm/server_port_0 = PROT=HTTPS, PORT=63101, TIMEOUT=900

icm/server_port_0 = PROT=HTTP, PORT=63102, TIMEOUT=900

icm/HTTPS/verify_client = 1

  1. Set DIR_INSTANCE so that the SAP Cryptographic Library can find the sec sub-directory.

DIR_INSTANCE = D:\sapwebdisp2\Crypto

  1. Parameters for the SAP Cryptographic Library

ssl/ssl_lib = D:\sapwebdisp2\Crypto\sapcrypto.dll

ssl/server_pse = D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse

wdisp/ssl_cred= D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse

ssf/ssfapi_lib = D:\sapwebdisp2\Crypto\sapcrypto.dll

sec/libsapsecu = D:\sapwebdisp2\Crypto\sapcrypto.dll

ssf/name = SAPSECULIB

  1. Parameters for Using SSL to the backend server

wdisp/ssl_encrypt = 0

wdisp/ssl_auth = 0

  1. parameter to change protocol HTTPS -> HTTP

wdisp/add_client_protocol_header=true

icm/HTTPS/forward_ccert_as_header = true

  1. parameter to end to end sslwdisp/HTTPS/sticky_mask=255.255.0.0

  2. Parameters for the HTTPS Routing

wdisp/HTTPS/dest_logon_group = HTTP

wdisp/HTTPS/max_client_ip_entries = 100000

-


When I used ICM Webdispatcher Configuration : the Active Services Menu

<b>The HTTPS is not active</b> .

If I actived this service : return message <b><i>Service could not be activated: -14</i></b>

<b>Did you have an example parameter file to HTTPS service ?

How can we activate this service?</b>

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Mar 13, 2006 at 05:39 PM

    Need some help to PSE define

    <b>On Prompt command :</b>

    • ---------------------------------------------------- *

    d:

    path D:\webdispatcher\crypto

    set SECUDIR=D:\webdispatcher\crypto\sec

    sapgenpse get_pse -p SAPSSLC.pse -x pass -r certi.req

    "CN=sopraganesh.cr.infra.lab, O=COMPAGNY, C=FR"

    sapgenpse gen_pse -p SAPSSLS.pse -noreq -x pass

    "CN=sopraganesh.cr.infra.lab, O=COMPAGNY, C=FR"

    sapgenpse seclogin -p SAPSSLS.pse -x pass -O SYSTEM

    sapgenpse seclogin -p SAPSSLC.pse -x pass -O SYSTEM

    • ---------------------------------------------------- *

    <b>I defined the PSE

    I started this webdispatcher,

    it s not found SAPSSLS.pse file</b>

    the log show :

    *[Thr 7144] =================================================

    [Thr 7144] = SSL Initialization

    [Thr 7144] SapISSLComposeFilename(): profile param "ssl/ssl_lib" = "D:\sapwebdisp2\Crypto\sapcrypto.dll"

    resulting Filename = "D:\sapwebdisp2\Crypto\sapcrypto.dll"

    [Thr 7144] SapISSLComposeFilename(): profile param "ssl/server_pse" = "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    resulting Filename = "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    [Thr 7144] = found SAPCRYPTOLIB 5.5.5C pl16 (Jun 10 2004) MT-safe

    [Thr 7144] = found SECUDIR environment variable

    [Thr 7144] = using SECUDIR=d:\sapwebdisp2\Crypto\sec

    [Thr 7144] *** ERROR => secudessl_Create_SSL_CTX(): PSE "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse" not found! [ssslsecu.c 1030]

    [Thr 7144] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --

    secude_error 1824 (0x00000720) = "Wrong or Missing PIN for PSE"

    [Thr 7144] >> -


    Begin of Secude-SSL Errorstack -


    >>

    [Thr 7144] ERROR in SSL_CTX_set_default_pse_by_name: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    ERROR in ssl_set_pse: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    ERROR in af_open: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    ERROR in secsw_open: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    ERROR in sec_parse_PSEInfo_cont: (1824/0x0720) Wrong or Missing PIN for PSE : "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse"

    [Thr 7144] << -


    End of Secude-SSL Errorstack -


    [Thr 7144] *** ERROR => Initialization of SSL library failed -- NO SSL available!

    ======================================

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    May 12, 2006 at 10:01 AM

    Hi Juan,

    Did you happen to find a resolution to your problem? I am having a very similar one wherein I have the PSE defined, but web dispatcher passes back the error message:

    [Thr 7144] *** ERROR => secudessl_Create_SSL_CTX(): PSE "D:\sapwebdisp2\Crypto\sec\SAPSSLS.pse" not found! [ssslsecu.c 1030]

    Did you find a solution?

    Add comment
    10|10000 characters needed characters exceeded