Skip to Content
0
Jan 18, 2011 at 07:12 PM

Why HTTP is redirected to HTTPS even if web service is without security?

1878 Views

Dear experts,

I have generated a web service from SOAMANAGER, based on FM. The service is configured with the following:

- Security to none

- Transport protocol to HTTP

- No authentication method

- No ABAP service user/password

- Transport security to none

The WDSL is with HTTP but redirected to HTTPS and requires a certificate to be executed. I was expecting that there would be no redirection and that a certificate would not be requested.

Reading on ICM (Internet Communication Manager)[http://help.sap.com], ([http://help.sap.com/saphelp_nw04s/helpdata/en/00/040f3a39ce8704e10000000a114084/frameset.htm]), it seems that the HTTP redirection to HTTPS is configured in ICM.

My questions are:

- Is it normal that HTTP is redirected to HTTPS?

- Is ICM the reference and wins over the web service configuration in SOAMANAGER?

- How are ICM and SOAMANAGER related then?

- Why is a certificate required if the web service has not security set whatsoever?

Thanks a lot for any hints or links to documents that would help understand.

Best Regards

Isabelle

Edited by: Isabelle Thore on Jan 18, 2011 8:49 PM