Skip to Content
avatar image
Former Member

SSL Configuration on J2EE Engine

Hi,

I have an SAP PI System and trying to configure the communiction between the Internet Browser and SAP J2EE Engine with SSL protocol

I have sucessfully implemented the server authentication and its fine

For the client authentication i have followed the follwing steps:

1. Created a certificate and imported the signed certificate in Trusted CA with common name as the name of a System user in the SAP System

2. Visual Admin SSL Provider i have request for client authentication and selected the above signed certificate

3. Security Provider selected the System user and then mapped the certificate to the system user

4. Added the modules ClientCertLoginModule as REQUIRED and then the BasicPasswordLoginModule as REQUIRED

5. Exported the private key and imported the private key into my browser

After this when i access the URL https://<hostname>:<httpsport>/ i get nothing opening

it says Internet explorer cannot open page.

Can anyone guide me as to where am i going wrong

Rgds

Aditya

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Apr 22, 2009 at 05:35 AM

    Hello Aditya,

    It looks as if you have missed out some steps

    Please refer to

    http://www.i-barile.it/SDN/EnablingSSL&ClientCertificatesOnTheSAPJ2EEEngine.pdf

    for configuration of SSL on J2EE engine and check out the configuration once again

    Rohit

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi

      For deploying SSL,

      These are the prerequired steps:

      1. deploy the SAP Cryptographic Toolkit

      2. apply the Java Unlimited Strength Jurisdiction

      I think you have not done this.You will have to do these also

      and when you check that post,there also these two steps are mentioned,so please follow the configuration guide and let me know of your results

      Rohit

  • avatar image
    Former Member
    Apr 22, 2009 at 06:43 AM

    Hi Aditya,

    SAP Cryptographic library is required to implement SSL. Also have you created the certificate under service_ssl ?

    I have experienced such error when service_ssl in VA did not have the correct entry. Please create a certificate under Service_SSL with your host entry and map the same for the HTTPS port in SSL Provider service --> Server Identity.

    Regards,

    Karthick.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Karthik and Rohit,

      Thanks for your reply

      I found this

      You can verify that the correct library has been loaded under Dispatcher ® Libraries ® core_lib in the Visual Administrator. The iaik_jce.jar should be included in the list of loaded jars and not iaik_jce_export.jar.

      I checked in Visual Admin i was able to find the iaik_jce.jar file in it

      So i beilve that the jar has been deployed.

      And coming back to the question of ssl_service i have created the server authentication certificate under that service and the Client Authentication certificates under Trusted CAs service.

      More over the Server Authentication i mean if i remove the Require Client Authentication from the SSL Provider Service everything works fine i am able to connect via SSL. The problem is when i use the client authentication

      Rgds

      Aditya