Configuring SSL/SSF on MiniWAS

Has anyone successfully configured SSL/SSF on the MiniWAS system?  I have downloaded both the SAP security and cryptographic libraries and placed the files in my root directory. In transaction STRUST my system PSE is in a red status, when I try to view the certuficate is prompts for a password but I have no idea what this is. If I recreate the PSE I get the same issue.
Thanks,
Pete

Hi Craig,
did you succeed on activating SSF? I tried the whole weekend to establish a correct installation of the SSF (SAPSYS.pse). In transaction strust there is always an error(error during test signature), and the system ist asking for a password?
SM21: SSF_KRN_SIGN_BY_AS: Function Returned 5    
1) I searched a lot of notes
2) downloaded the newest secu-libs, installed them
3) Recreated the .pse, deleted it, ...
4) tried to import a manual generated SAPSYS.pse (sapsecin, also sapgenpse (try - crypto - not necessary)
5) searched all dev_* o.k. SSF ist correcty initialized
6) tried to set the W2K environment variables USER/SECUDIR
I patched my SAPDB to 7.3.0.54, my kernel is 1609, Service Packs SAPKB62046, SAPKA62046.
PS: What i really want to do is to connect to a Content Server 6.30 (signed http request)
Regards,
Christian

Similar Messages

  • Configuring SSL to make a HTTPS web Service call from XI

    Hi All,
    We are making a <b>https web service call</b> using soap adapter from XI. Looking at the various posts and SAP help links, we are configuring SSL for the same.
    The procedure given in SAP help has been followed to configure SSL but with no luck. If someone had done this could you please give a <b>step by step procedure</b> to configure SSL, we might have missed out on something.
    Also are there are <b>any other settings apart from SSL</b> to be done to make a  https web service call using soap adapter from XI.
    Cheers,
    Chandra

    user13046122 wrote:
    I have an old pl/sql "helper" package, originally written to make SOAP Web Service calls from the database - it uses UTL_HTTP to invoke the target services.
    I now need to make SOAP Web Service calls - from an 8.1.7.4 database
    But the version of UTL_HTTP inside 8.1.7.4 does not contain the functions needed in the helper package
    Can anybody suggest a means of making SOAP Web Service calls from an 8.1.7.4 database ?I think you'll be very lucky to find anyone here who still has access to a version of Oracle that is that old.... I mean... that's like what? 15 years old at least? I'm surprised you've still got hardware that can run that.
    It would probably help if you could post what code you've got and explain which function(s) it's complaining about, as I doubt people will want to guess.

  • Configure SSL in J2SE Plain adapter

    I tryed to configure SSL in J2SE Plain adapter. (7.0)
    I've generated a certificate file "certif_file.cer" and
    while I put in GUIBrowserEngine Property File the following
    line:
    HTTP.SSLcertificate=F:\tech_adapter_70\certif_file.cer
    I've got the following error message:
    16:19:10 : Error(s) in GUIBrowserEngine configuration
    parameters found:
    ERROR: Certificate file 'F: ech_adapter_70certif_file.cer' not
    found, must quit!
    It seems that something wrong with my definition of full path
    to this file. But I do not find from SAP Library any solution
    about this problem.
    Could you help me?

    Hi Boris,
    Please try to give the full path using backslash '/' :
    e.g.  F:/tech_adapter_70/certif_file.cer
    I hope it will work.
              The J2SE Adapter Engine uses SSL only for communication line encryption, not for client and server authentications. Since this is a drawback with respect to security, you should use the J2EE Adapter Engine in insecure environments.
                             All configuration data for the Plain J2SE Adapter Engine is maintained in flat property files.The file for the engine administration data itself is located in the following directory:
    <installation directory>/tech_adapter/BaseConfiguration
    The file for the adapter configuration data is located in the following directory:
    <installation directory>/tech_adapter/Configuration
                       The adapters of the Plain J2SE Adapter Engine are configured locally and not in the Integration  Directory. Exchanged messages are also stored directly in the file system.
    Therefore, ensure that only the operating system user, who has started and therefore owns the adapter engine process, can read the property files and has access to the directories used for message exchange.
    *Pls: Reward points if helpful*
    Regards,
    Jyoti
    Edited by: Jyoti Acharya on Dec 19, 2007 5:05 PM

  • Error while configuring SSL in OID 11g - LDAP 50 Insufficient Access rights

    HI,
    I am trying to configure SSL in OID 11g.As per the doc http://download.oracle.com/docs/cd/E12839_01/oid.1111/e10029/ssl.htm#CBHGBGAF ,i tried creating a Self-Signed Wallte using Fusion Middleware control,But i am getting an error LDAP 50: Insufficient access rights".I logged into Fusion Middle Ware control as Weblogic user.Is anybody faced this issue?.Thanks in advance.

    I am not sure how you tried, but I would recommend to do the following...
    1. Add the 'user1' to "OU=Franchisees,ou=People,dc=company,dc=com"
    2. Delete the 'user1' from 'OU=Internal,ou=People,dc=company,dc=com'

  • Do i have to configure ssl on cisco unified provisioning manager for it to work. I am running BE6000 9.X

    Do i have to configure ssl on cisco unified provisioning manager for it to work

    Here is the code
    #include <userint.h>
    #include "iface.h"
    #define DAQmxErrChk(functionCall) if( DAQmxFailed(error=(functionCall)) ) goto Error; else    
    int write_onoff(uInt8 HL, const char linename[])
      int         error=0;              // error code (initialized to zero i.e. no error)
      TaskHandle  taskHandle=0;            // task ID for DAQmx
      char        errBuff[2048]={'\0'}; // error message
      // DAQmx Configure Code
      SetWaitCursor(1);
      DAQmxErrChk(DAQmxCreateTask("", &taskHandle));
      DAQmxErrChk(DAQmxCreateDOChan(taskHandle, linename, "", DAQmx_Val_ChanPerLine ));
      // DAQmx Start Code
      DAQmxErrChk(DAQmxStartTask(taskHandle));
      // DAQmx Write Code
      DAQmxErrChk(DAQmxWriteDigitalU8(taskHandle, 1, 1, 10.0, DAQmx_Val_GroupByChannel, &HL, NULL, NULL));
      Error:
        SetWaitCursor(0);
        if (DAQmxFailed(error)) DAQmxGetExtendedErrorInfo(errBuff, 2048);
        if (taskHandle!=0)
          // DAQmx Stop Code
          DAQmxStopTask(taskHandle);
          DAQmxClearTask(taskHandle);
        if (DAQmxFailed(error)) MessagePopup("DAQmx Error", errBuff);  
      return error;  
    } // end write_digital_line
    int CVICALLBACK test (int panel, int control, int event, void *callbackData, int eventData1, int eventData2)
      uInt8 onoff=0;
      if (event==EVENT_COMMIT)
        GetCtrlVal(panel, control, &onoff);
        write_onoff(onoff, "Dev1/port0/line0");
      return 0;  // return 0 to tell the system the message has been handled    

  • Configuring SSL in Oracle Apps 11.5.10.2

    Hi,
    I am in the process of configuring SSL in oracle apps 11.5.10.2.
    I am a bit confused with the Note ID: 123718.1. Could you please clarify me on the below things?
    1. SSL can be implemented at three levels,
    (a) Oracle Web/Apache Server Level
    (b) Oracle Form Server Level
    (c) Oracle Database Level
    Can Implement SSL on any one or any two component levels? As per Note:123718.1, we MUST configure SSL for both the Oracle HTTP Server and Oracle Forms Level and these cannot be configured independently.
    2. As per the Note ID: 123718.1, Option 2.1. Certificate Provisioning for Oracle HTTP Server
    Point b in point 2 says to execute "$OPENSSL_TOP/bin/openssl sha1 or* > $HOME/.rnd"
    But which will be the OPENSSL_TOP?
    Please advise on these above two queries.
    Thanks in advance
    Regards,
    Sravan

    Thanks Hussien,
    I have completed SSL configuration at all level including database. Forms are not getting launched. I am getting below error in the Java Console.
    Java Plug-in 1.6.0_23
    Using JRE version 1.6.0_23-b05 Java HotSpot(TM) Client VM
    User home directory = C:\Documents and Settings\sdalav
    c: clear console window
    f: finalize objects on finalization queue
    g: garbage collect
    h: display this help message
    l: dump classloader list
    m: print memory usage
    o: trigger logging
    q: hide console
    r: reload policy configuration
    s: dump system and deployment properties
    t: dump thread list
    v: dump thread stack
    x: clear classloader cache
    0-5: set trace level to <n>
    proxyHost=null
    proxyPort=0
    connectMode=HTTPS
    Exception in thread "thread applet-oracle.forms.engine.Main-2" java.lang.NoClassDefFoundError: oracle/security/ssl/OracleSSLSocketFactory
         at oracle.forms.net.HTTPSStream.<init>(Unknown Source)
         at oracle.forms.net.HTTPConnection.connect(Unknown Source)
         at oracle.forms.engine.Runform.initConnection(Unknown Source)
         at oracle.forms.engine.Runform.startRunform(Unknown Source)
         at oracle.forms.engine.Main.createRunform(Unknown Source)
         at oracle.forms.engine.Main.start(Unknown Source)
         at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
         at java.lang.Thread.run(Unknown Source)
    Caused by: java.lang.ClassNotFoundException: oracle.security.ssl.OracleSSLSocketFactory
         at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
         at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
         at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
         at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
         at java.lang.ClassLoader.loadClass(Unknown Source)
         ... 8 more
    Caused by: java.io.IOException: open HTTP connection failed:https://sandispa.bp.com:8443/OA_JAVA/oracle/security/ssl/OracleSSLSocketFactory.class
         at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
         at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
         at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
         at java.security.AccessController.doPrivileged(Native Method)
         ... 13 more
    Thanks,
    Sravan

  • NPE when configuring SSL in 9.2

    Hi all,
    I'm trying to configure SSL on WLS 9.2 mp4 but am getting a NullPointerException with no additional helpful information.
    I'm using "Custom Identity and Java Standard Trust." I think the location, type, and password of my identity keystore are correct.
    This is the output I'm getting:
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecuritySSL> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <SSLContextManager: initializing SSL context for channel DefaultSecure>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecuritySSL> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <SSLContextManager: loading server SSL identity>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecurityEncryptionService> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <1307462525894 : [ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)' : starting decrypt operation>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Debug> <SecurityEncryptionService> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1307462525894> <000000> <1307462525894 : [ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)' : done with decrypt operation>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Notice> <Security> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1307462525894> <BEA-090171> <Loading the identity certificate and private key stored under the alias weblogicssl from the JKS keystore file c:\projects\ssl\keystore.>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Error> <WebLogicServer> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1307462525894> <BEA-000297> <Inconsistent security configuration, java.lang.NullPointerException>
    ####<Jun 7, 2011 11:02:05 AM CDT> <Error> <Server> <PCSHPQL0089851> <admin> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <> <1307462525894> <BEA-002618> <An invalid attempt was made to configure a channel for unconfigured protocol "null".>
    I've turned on all the debug output I can find.
    I also wrote a little java program that reads the keystore and prints out its contents. Nothing looks wrong to me. I also tried using a known-good keystore from one of our other servers, both in my test app and in WL. Test app shows the same output for both stores with the exception of the things I expect to be different, like DN. WL also fails with the same error.
    Any idea what the problem is or how to debug this further?
    thanks

    Thanks for the response.
    That is the correct name. I should probably change it to keystore.jks but I was following the example of the common trust store named cacerts.
    SSL is enabled with port 7002.
    JVM versions are the same.
    Keytool works fine with it. It shows 1 cert, which is what I expect. The alias is correct. I know the keystore password but I don't know the private key password. I might try generating a new pw and make sure to set and remember a pw on the key itself.
    thanks

  • Need info to configure SSL for Portal Server in EP6SP2

    Hello,
    We need to configure SSL for Portal Server. We are using J2EE 6.20 Patch 25 and EP6SP2P4. The ITS is already using https and it creats lots of Session issues since Portal is not in https.
    Is there any OSS Note or How to guide to configure Portal to use SSL.
    Thanks.
    - PK

    Hi Marcel,
    Thanx for your Post, I have a Question, we will use CISCO for load balancing and SSL termination but I have a big issue, the URL in the portal applciation is always the same ant the URL in the borwser, I guess al the other URL´s are in the Frames, how will we configure the SSL termination for the login page in example if the URL in the Browser appears always the same?
    Thanx in Advanced!!!

  • Configure SSL Throughout Portal in 10.1.2.0.2

    My installation is going to contain both the Infrastructure (IM, SSO) as well as the Middle-tier (Portal) and I want to later configure SSL. Oracle says in the documentation that the servername must be different for each home. I'm thinking that I will use the hosts file to alias the IP address but I'm not sure if the installer looks at the file or somewhere in the system to get the machine name. I don't want to change the machine name after the infrastructure installation has completed but I can change the hosts file and the order of the alias names. Has anyone successfully done this before that can point me in the right direction?
    Thanks,
    Denise

    I've looked at the tool but my concern is having the infrastructure & midtier on the same box. I want to make sure that the initial installation is correct since each installation requires a different server name for ssl to work.
    Has anyone done this and gotten it to work? Suggestions, or things to look out for?
    Thanks,
    Denise

  • How to configure SSL for SOA BPM/Webcenter 11.1.1.3

    Hi,
    I have installed BPM 11.1.1.3 and Webcenter 11.1.1.3 in the same HOME. First installed BPM and then extended the domain for webcenter. During the installation I selected the SSL check-box also. Now how do I disable the HTTP and enable only HTTPS. I need to configure SSL can someone please provide some steps or a link to some document around SSL configuration of BPM/Webcenter 11.1.1.3.
    Thanks

    Hi,
    Anyone I too am looking for the same info.
    Thanks

  • How configure SSL for Oracle Lite

    Hi all,
    I'm trying to configure SSL but I've many doubts.
    I already have one SSL certificate, I read in the documentation that is necessary to use the keytool.
    Someone can help me for use this tool?
    tks,
    Everson

    this should help
    http://weblogic-wonders.com/weblogic/2010/05/19/configuring-ssl-on-weblogic-server-custom-identity-custom-trust/

  • Unable to configure SSL certificate on Apex

    I am trying to configure ssl certificate in one apex application.
    http://docs.tpu.ru/docs/oracle/en/oas/10.1.2.0.0/web.1012/b14007/ssl.htm#i1031859
    as per the above document first step is create a wallet with SSL certificate information.
    While creating wallet i am trying to import the CA certificate and User Certificate.
    But i am not able to import the certificates properly. I am getting error messages.
    Error Message :
    User certificate installation failed
    Possible Errors;
    -- Input was not a valid certificate.
    -- No matching certificate was found
    -- CA certificate is needed for certificate chain not found please install it first.
    What could be the reason for this. and solution for this problem ?

    Yes I am using OWM ( Oracle Wallet Manager)
    First I have created a new wallet and then i did create service request.
    Then Import user certificate and import CA certitificates are enabled.
    Then tried to import the certificates above mentioned errors are coming.....
    Yes first i imported the CA certificate then i imported the user certificate using the wallet manager. I used the copy - paste certificate method while importing.
    Any how if do import user certificate first it will show an error saying install ca certificate first.
    Message was edited by:
    Santhosh Kumar T

  • Configure SSL for virtual web

    Is it possible to achive the following:
    -myhost is a web server.
    -myweb1 is a virtual web located on myhost, so, it is an DNS alias of myhost. it's SSL runs on the server myhost.
    -myhost2 is another virtual web located on myhost and it is an DNS alias of myhost also. it has another key/cert and run SSL on the server myhost also.
    I have been asked to configure SSL termination on my CSS11506 to offload the SSLs trafic.
    Could anyone advice me for a VIP, (myhost), can I use two key/CA? if so, how do I configure them?
    Any comments will be appreciated
    Thanks in advance.

    ssl-proxy-list ssl-slot3
    ssl-server 31
    ............. -> the one which working fine.
    ssl-server 14
    ssl-server 14 vip address 10.1.31.14
    ssl-server 14 cipher rsa-with-rc4-128-sha 10.11.31.14 81
    ssl-server 14 rsakey Myweb1Rkey
    ssl-server 14 rsacert Myweb1Scert
    ssl-server 15
    ssl-server 15 vip address 10.1.31.15
    ssl-server 15 rsakey Myweb2Rkey
    ssl-server 15 rsacert Myweb2Scert
    ssl-server 15 cipher rsa-with-rc4-128-sha 10.11.31.15 81
    active
    service ssl-slot3-srv
    type ssl-accel
    keepalive type none
    slot 3
    add ssl-proxy-list ssl-slot3
    active
    service myhost
    ip address 10.4.31.14
    keepalive type tcp
    keepalive port 80
    active
    owner mytest
    content myweb2-rule
    add service ssl-slot3-srv
    vip address 10.1.31.15
    protocol tcp
    port 443
    content myweb2-rule2
    vip address 10.4.31.15
    protocol tcp
    port 81
    balance leastconn
    add service myhost
    active
    content myweb1-rule
    protocol tcp
    port 443
    add service ssl-slot3-srv
    vip address 10.1.31.14
    active
    Do I miss anything?

  • Configure SSL enabled communication issue

    Hi Experts,
    I'm having this wierd issue.. Installed SharePoint like for the 10th time in my life or so. But this time when I was doing this "Configure SSL enabled communication" steps the Powershell window just hangs forever.
    PS C:\FASTSearch\installer\scripts> .\SecureFASTSearchConnector.ps1 -certPath "C
    :\FASTSearch\data\data_security\cert\FASTSearchCert.pfx" -ssaName "FAST Content"
    -username "domain\user"
    Enter the certificate password: **********
    Installed certificate.
    Updated acls on certificates private keys.
    Nothing happens after that. It usually will say the below but it freezes for me.
    Updated acls on certificates private keys.
    Your FAST Search Connector has been setup to use certificate, restarting osearch14.
    Connection to contentdistributor host:port successfully validated.
    Until I restart the osearch14 manually from services. But after that the contentsource page is never opening up for me.
    I'm I missing something obvious? Or I'm I facing some premission realted issues? nctrl status shwoings everything is running. Any pointers will help.
    Thank you.
    Freddie Maize ..A story with Glory is History. Doesn’t matter whether Glory rest in the world of Demon or God. Lets create History..

    Thank you for your response.
    Yes I have set the particular proerty SSLAlwaysNegoClientCert to True and it is able to establish the ssl conneciton without initiating renegotiation from IIS server side.The property has to be set the metabase.xml file.
    Thank you very much once again.
    Edited by: arpitak on Jun 23, 2010 2:10 AM

  • How to configure SSL in standalone weblogic server for ADF apps

    Hello,
    I'm new to weblogic, Could anyone provide documentation/blog references to configuring SSL in weblogic for adf application. Currently adf application deploys on http I need it to deploy as https.
    Appreciate your response
    Thanks and Regards

    Expand Environment > Click on Server > Click on Keystores Tab
    Under Keystores you have some options like DemoIdentity & Demo Trust.
    If u want to use the default keystores, you dont have to modify these configuations.
    Just enable SSL and specify the listen port.
    Expand Environment > Click on Server > General
    SSL Listen Port Enabled
    SSL Listen Port:
    If u want to use your own keystore Select Custom Identity and Custom Trust besides Keystores Drop Down and specify the require values.
    If u need any clarification let me knw.
    HTH,
    Faisal
    http://download-llnw.oracle.com/docs/cd/E11035_01/wls100/secmanage/ssl.html

Maybe you are looking for

  • Error Message on 7520 All In One Set up on MAC

    I have tried several times to install the drivers for the HP 7520 on my MAC (10.9.5 Mavericks).  Each time I get this error message; The system extension "/System/Library/Extensions/AppleUSBEthernetHost.kext" was installed improperly and cannot be us

  • Regarding an error in the lov

    Hi, I am facing a problem, i am using an lov for an item. When i am running the lov query individually i am not getting any error but when i am using in the lov region i am getting the following error. Exception Details. oracle.apps.fnd.framework.OAE

  • BC Provided javascript not loading in Internet Explorer

    I'm trying to create a web app form that anonymous users can use. I found the snippet of code (below) in the BC Resources: <script type="text/javascript" src="http://code.jquery.com/jquery-latest.js"></script> <script type="text/javascript"> $(docume

  • Resetear FPGA desde PC

    Buenas, Estoy trabajando con un programa subvi desde mi ordenador a modo de control, y en mi modulo cRio tengo trabajando un programa en RealTime (con "Run as Start up")   y el propio programa de la FPGA, configurado como "Run when loaded to FPGA". T

  • Update user_sdo_geom_metadata

    Hi, how can i update this view. I try this: Update user_sdo_geom_metadata set diminfo = MDSYS.diminfo(NULL) WHERE table_name = ART_REQUEST_AREA; I get this error: Fehler bei Befehlszeile:8 Spalte:22 Fehlerbericht: SQL-Fehler: ORA-00904: "ART_REQUEST_