on 11-03-2009 10:43 AM
Hi Gurus,
The user is not able to login to the server externally from url.
dev_icm is giving below warnings:
[Thr 11052] IcmWatchDogThread: watchdog started
[Thr 11309] ** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject not set => do
not trust any intermediary*
X.509 cert data will be removed from header [http_plg_mt. 720]
[Thr 11309] =================================================
[Thr 11309] = SSL Initialization on IBM RS/6000 with AIX
[Thr 11309] = (700_REL,May 3 2008,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)
[Thr 11309] profile param "ssl/ssl_lib" = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"
resulting Filename = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"
[Thr 11309] = found SAPCRYPTOLIB 5.5.5C pl16 (Jun 10 2004) MT-safe
[Thr 11309] = current UserID: "scaadm", env-var USER="scaadm"
[Thr 11309] = using SECUDIR=/usr/sap/SCA/DVEBMGS41/sec
[Thr 11309] = secudessl_Create_SSL_CTX(): PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLA.pse" not found,
[Thr 11309] = using PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLC.pse" as fallback
[Thr 11309] = Success -- SapCryptoLib SSL ready!
[Thr 11309] =================================================
HTTPS (SSL) settings are as below, i think which means that no ssl certifiacts are required.
icm/HTTPS/verify_client = 0
Kindly help urgently.
regards,
MJ
solved
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There is problem with the security certificate in user's desktop in ie8.
its resolved after implementing that.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
this is SCM system.
SSL CA's are set.
what should be value of the parameters?
icm/HTTPS/trust_ client_with_ issuer or
icm/HTTPS/trust_ client_with_ subject
http and https ssl conections are correctly set.
I think the SAPSSLA. pse" not found, is not the problem as the parameter icm/HTTPS/verify_ client = 0 is set, it means that no ssl certifiacts are required.
problem is coming when the system is being accessed from externally using other secure domain name.
the system is being accessed ok from web urs which is internal, but not external.
for example in strust tcode the domain name is *abc.com, which is running fine when accessing the system internally.
but when the user is accessing this sytem from other secure login from *xyz.com, which is also the same companys domain, then the user not able to login, its showing errir.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi MJ,
Can you give more information on what type of system it is. Also please let is know if SSL is enabled for the same.
Cheers....,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.