Skip to Content
0
Former Member
Oct 18, 2006 at 05:49 PM

Cannot access to portal from outside of DMZ after apply new Verisign certif

21 Views

Hey Gys,

We are running EP5 SP5,after we applied the new Verisign certificate(as we did every year) ,we cannot access to our portal from outside of DMZ.

the eror page is:

<b>Failed to create SSO ticket.

Trying to connect to the ticket creation URL returned an error. Make sure the J2EE server is up and runnning.

HTTP Status : 500

HTTP Response :

IisProxy.dll: 500 Internal Server Error

ProxyWorker(): IOException: NiBufConnect() failed: -10 (NIECONN_REFUSED)

at SapConnection.cpp:518</b>

we check the port and we find out the J2ee cannot communicate theough port 8443

We can find the following error message in the IISPROXY.trace file

Thr 4472] *** ERROR during SecudeSSL_SessionStart() from

SSL_connect()==SSL_ERROR_SSL

[Thr 4472] session uses PSE file "C:\sec\SAPSSLC.pse"

[Thr 4472] SecudeSSL_SessionStart: SSL_connect() failed --

secude_error 536875072 (0x20001040) = "received a fatal SSLv3

handshake failure alert message from the peer"

[Thr 4472] >> -


Begin of Secude-SSL Errorstack -


>>

[Thr 4472] WARNING in ssl3_read_bytes: (536875072/0x20001040) received afatal SSLv3 handshake failure alert message from the peer

WARNING in bio_ctrl: (0/0x0000)

[Thr 4472] << -


End of Secude-SSL Errorstack -


[Thr 4472] SSL_get_state() returned 0x00002120 "SSLv3 read server

hello A"

[Thr 4472] No certificate request from Server

[Thr 4472] <<- ERROR:

SapSSLSessionStart(sssl_hdl=01D0E288)==SSSLERR_SSL_CONNECT

Is there anybody out,who faced the same issue?

Thanks,

Maryam