SSL between ITS and LDAP

Hello:
I have a ITS 6.20 patchlevel 22 with Linux Red Hat Enterprise 4. I have configured the service PAS to access to the Employee Self-Service of the ITS via LDAP.
I want to configure SSL between my ITS and the LDAP, but I read in note 456666 that it is only possible for Microsoft Windows and my ITS is Linux.
Is it correct?
Regards,
Felipe Sánchez

Hi,
~ldapport=636
636 is normally the secure port or the LDAP SSL port, but this depends on the directory server and additionaly things also.
Therefore I advise you to use example or SDK coding from your directory server or vendor. Normally things like certificate exchange / key exchange and configuration needed to ensure the secure configuration.
All these things are vendor dependend steps and therefore SAP has no documentation about it,e.g. Novell directory server has a SDK with example coding for SSL connections. This coding in combination with SAPs PAS SDK can be used to build a shared library with LDAP SSL.
regards,
-markus

Similar Messages

  • Difference between ITS and WAS server

    difference between ITS and WAS server

    Hello Pradeep,
    The ITS is the Internet Transaction Server.  WAS is Web Application Server.  I'm not sure how to compare the two because the WAS from Basis 6.40 and higher includes the ITS.  I think the question you wanted to ask is the difference between the Standalone ITS and the Integrated ITS???
    The Standalone ITS is installed on a web server (IIS or Apache usually).  It could also include another server that we call the AGate. 
    The Integrated ITS comes with the WAS Basis 6.40 and higher.  Therefore not needing a separate web server.
    There is also a note that lists some differences of the two.
    Edgar

  • SSL between XI and a business partner

    Has anyone gotten SSL between XI and an external business partner up and running? I would like to have a short discussion with someone who has been successful. I am trying to send messages out from XI that require XI to be active. Please don't direct me to the documentation because we have read it and  it has not been very helpful. 
    regards,
    Chris

    Hello Richard,
    I can't see we have been successful but we are close. Here are the steps:
    1. HTTPS service needs to be active (Tx: SMICM)
    2. You need to load the SSL certificate key in your XI system (Tx: STRUST)
    3. You will need to create an RFC (type G)pointing to your target server. Then select the SSL (acitve) and the private key you want to use (you will need one RFC destination by server key).
    4. Use your RFC destination in your HTTP Adapter:
    on the HTTP adapter don't select URL address but select RFC destination.
    I hope this will help.
    PLease don't heistate to ask if you need more detail.
    Mustapha

  • Difference between ITS and Web Application Server

    Hi All,
       What is ITS server. Can anyone explain me the difference between ITS and WAS(Web Application Server)
    Thanks
    Harpreet

    Hi Harpreet:
    ITS is basically the tool that allow you to use SAP via http. Theres lots of info about <a href="http://help.sap.com/saphelp_nw04/helpdata/en/0d/654d356560054ce10000009b38f889/frameset.htm">ITS</a> or <a href="http://help.sap.com/saphelp_nw04s/helpdata/en/5f/0ef441ad7bc417e10000000a155106/frameset.htm">WebAS with Integrated ITS</a>
    The ITS is a standalone application connected to R3 via RFC connection, In the SAP WebAS the ITS is integrated to the system.
    Hope this help!
    Juan
    PS: Please reward with points if helpful

  • SSO between ITS and EP

    We are implementing ESS MSS on 4.7 , ITS 4.7 with EP 6.0
    Can some one point me as to how to configure the SSO between these various landscapes. I Think we would require SSO between EP and ITS for ESS in MSS services.
    regards
    Sam
    Message was edited by:
            sameer chilama

    Hi Sameer,
    All the information you are looking for is in the help.sap.com
    http://help.sap.com/saphelp_nw04/helpdata/en/89/6eb8e1af2f11d5993700508b6b8b11/frameset.htm
    This help guide is really very clear and thorough.
    Regards
    Daniel

  • Difference between ITS and web dynpro abap

    Hi Experts.
    Can any explain me what is the main difference between  EWT/ ITS and web dynpro abap. Basically i am going to developed some existing EWT in webdynpro ABAP , so i want to know what are the advantage of WD ABAP over ITS .
    Thanks in Advance.
    Satya

    Closing thread, thanks for your help.
    Thanks,
    Satya

  • SSL between NSAPI and WLS with custom certificate and RequireSSLHostMatch=true fails

    I am trying to use SSL for communication between NSAPI and WebLogic
    server (server authentication at the NSAPI).
    Therefore, a custom server certificate is installed on WLS, containing this
    server's hostname. The NSAPI is configured (RequireSSLHostMatch=true) to
    check the hostname contained in the certificate against the WebLogicHost
    parameter in the "obj.conf" file. The corresponding TrustedCAFile is installed
    for NSAPI.
    The SSL setup seems to work ok, but when matching the hostname, it seems like
    NSAPI is trying to do a string-match against the numeric IP of the WebLogicHost,
    not on the hostname as configured in the WebLogicHost parameter.
    The relevant entry in the "obj.conf" file:
    <Object name="weblogic" ppath="*">
    Service fn=wl-proxy WebLogicHost=btsun2a.muc \
    WebLogicPort=7162 \
    Debug=ALL \
    SecureProxy=ON \
    TrustedCAFile=/home/qx13604/wls61/config/testdomain/TC_RootServer_PEM_Class0.pem
    RequireSSLHostMatch=true
    </Object>
    I am using WLS6.1 with NSAPI (both Solaris). The content of "wlproxy.log" is as
    follows.
    Any ideas?
    Content of "wlproxy.log":
    Thu Oct 11 12:30:22 2001 INFO: SSL is configured
    Thu Oct 11 12:30:22 2001 INFO: Initializing SSL library
    Thu Oct 11 12:30:22 2001 Loaded 1 trusted CA's
    Thu Oct 11 12:30:22 2001 INFO: Successfully initialized SSL
    Thu Oct 11 12:30:22 2001 INFO: SSL configured successfully
    Thu Oct 11 12:30:22 2001 ....relFile.../index.jsp...
    Thu Oct 11 12:30:22 2001 URI=[index.jsp]
    Thu Oct 11 12:30:22 2001 Initializing lastIndex=0 for a list of length=1
    Thu Oct 11 12:30:22 2001 attempt #0 out of a max of 5
    Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
    at line 1156 for '/index.jsp'
    Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
    Thu Oct 11 12:30:22 2001 Going to check the general server list
    Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
    image/jpeg, image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
    Thu Oct 11 12:30:22 2001 INFO: sysSend 52
    Thu Oct 11 12:30:22 2001 Partial read socket
    Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
    Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
    validation failed
    Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
    Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
    Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
    of URL.cpp
    Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
    line 550 of URL.cpp]: at line 944
    Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
    Thu Oct 11 12:30:22 2001 INFO: sysSend 14
    Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
    Thu Oct 11 12:30:22 2001 attempt #1 out of a max of 5
    Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
    at line 1156 for '/index.jsp'
    Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
    Thu Oct 11 12:30:22 2001 Going to check the general server list
    Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
    image/jpeg, image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
    Thu Oct 11 12:30:22 2001 INFO: sysSend 52
    Thu Oct 11 12:30:22 2001 Partial read socket
    Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
    Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
    validation failed
    Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
    Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
    Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
    of URL.cpp
    Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
    line 550 of URL.cpp]: at line 944
    Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
    Thu Oct 11 12:30:22 2001 INFO: sysSend 14
    Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
    Thu Oct 11 12:30:22 2001 attempt #2 out of a max of 5
    Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
    at line 1156 for '/index.jsp'
    Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
    Thu Oct 11 12:30:22 2001 Going to check the general server list
    Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
    image/jpeg, image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
    Thu Oct 11 12:30:22 2001 INFO: sysSend 52
    Thu Oct 11 12:30:22 2001 Partial read socket
    Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
    Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
    validation failed
    Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
    Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
    Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
    of URL.cpp
    Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
    line 550 of URL.cpp]: at line 944
    Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
    Thu Oct 11 12:30:22 2001 INFO: sysSend 14
    Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
    Thu Oct 11 12:30:22 2001 attempt #3 out of a max of 5
    Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
    at line 1156 for '/index.jsp'
    Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
    Thu Oct 11 12:30:22 2001 Going to check the general server list
    Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
    image/jpeg, image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
    Thu Oct 11 12:30:22 2001 INFO: sysSend 52
    Thu Oct 11 12:30:22 2001 Partial read socket
    Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
    Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
    validation failed
    Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
    Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
    Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
    of URL.cpp
    Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
    line 550 of URL.cpp]: at line 944
    Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
    Thu Oct 11 12:30:22 2001 INFO: sysSend 14
    Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
    Thu Oct 11 12:30:22 2001 attempt #4 out of a max of 5
    Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
    at line 1156 for '/index.jsp'
    Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
    Thu Oct 11 12:30:22 2001 Going to check the general server list
    Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
    image/jpeg, image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
    Thu Oct 11 12:30:22 2001 INFO: sysSend 52
    Thu Oct 11 12:30:22 2001 Partial read socket
    Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
    Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
    validation failed
    Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
    Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
    Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
    of URL.cpp
    Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
    line 550 of URL.cpp]: at line 944
    Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
    Thu Oct 11 12:30:22 2001 INFO: sysSend 14
    Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
    Thu Oct 11 12:30:22 2001 attempt #5 out of a max of 5
    Thu Oct 11 12:30:22 2001 general list: trying connect to '160.50.106.101'/7162/7162
    at line 1156 for '/index.jsp'
    Thu Oct 11 12:30:22 2001 New SSL URL: match = 1 oid = 22
    Thu Oct 11 12:30:22 2001 Going to check the general server list
    Thu Oct 11 12:30:22 2001 WLS info : 160.50.106.101:7162 recycled? 0
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept]=[image/gif, image/x-xbitmap,
    image/jpeg, image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs from Client:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[connection]=[Keep-Alive]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[user-agent]=[Mozilla/4.72 [de]C-CCK-MCD
    (WinNT; U)]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[host]=[btsun1a.muc:99]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept]=[image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, image/png, */*]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-encoding]=[gzip]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-language]=[de,en]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[accept-charset]=[iso-8859-1,*,utf-8]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-WebLogic-Force-Cookie]=[true]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Client-IP]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[X-Forwarded-For]=[160.50.136.171]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated]=[wwws/ns-homeV417/docs/index.jsp]
    Thu Oct 11 12:30:22 2001 Hdrs to WLS:[Proxy-Path-Translated-Base]=[wwws/ns-homeV417/docs]
    Thu Oct 11 12:30:22 2001 INFO: sysSend 52
    Thu Oct 11 12:30:22 2001 Partial read socket
    Thu Oct 11 12:30:22 2001 INFO: SSLWrite sent 0
    Thu Oct 11 12:30:22 2001 INFO: Host (btsun2a.muc) doesn't match (160.50.106.101),
    validation failed
    Thu Oct 11 12:30:22 2001 ERROR: SSLWrite failed
    Thu Oct 11 12:30:22 2001 SEND failed (ret=-1) at 549 of file URL.cpp
    Thu Oct 11 12:30:22 2001 *******Exception type [WRITE_ERROR] raised at line 550
    of URL.cpp
    Thu Oct 11 12:30:22 2001 got exception in sendRequest phase: WRITE_ERROR [os error=0,
    line 550 of URL.cpp]: at line 944
    Thu Oct 11 12:30:22 2001 INFO: Closing SSL context
    Thu Oct 11 12:30:22 2001 INFO: sysSend 14
    Thu Oct 11 12:30:22 2001 Failing over after sendRequest exception
    Thu Oct 11 12:30:22 2001 request [index.jsp] processed ..................

    I tried some other case and configured a certificate containing
    the numeric IP as hostname. The authentication works fine then,
    but it wouldn't be nice to hard-code the IP in the certificate
    (btw. the WebLogicHost parameter is still given as DNS name, not
    as IP address).
    Has anyone got a solution for this?
    "Wolfgang Jodl" <[email protected]> wrote:
    >
    I am trying to use SSL for communication between NSAPI and WebLogic
    server (server authentication at the NSAPI).
    Therefore, a custom server certificate is installed on WLS, containing
    this
    server's hostname. The NSAPI is configured (RequireSSLHostMatch=true)
    to
    check the hostname contained in the certificate against the WebLogicHost
    parameter in the "obj.conf" file. The corresponding TrustedCAFile is
    installed
    for NSAPI.
    The SSL setup seems to work ok, but when matching the hostname, it seems
    like
    NSAPI is trying to do a string-match against the numeric IP of the WebLogicHost,
    not on the hostname as configured in the WebLogicHost parameter.
    The relevant entry in the "obj.conf" file:
    <Object name="weblogic" ppath="*">
    Service fn=wl-proxy WebLogicHost=btsun2a.muc \
    WebLogicPort=7162 \
    Debug=ALL \
    SecureProxy=ON \
    TrustedCAFile=/home/qx13604/wls61/config/testdomain/TC_RootServer_PEM_Class0.pem
    RequireSSLHostMatch=true
    </Object>
    I am using WLS6.1 with NSAPI (both Solaris). The content of "wlproxy.log"
    is as
    follows.
    Any ideas?

  • SSL Between Weblogic and IBM MQ

    Dear All,
    I would like to know the SSL configuration steps between Weblogic and MQ Communication.
    The existing setup is, To put message in MQ, We are using MQ Java API directly. To get message from MQ, We are using JMS API with binding file.
    Now, we are in a position to enable SSL in those communication between Weblogic and MQ. Here Weblogic is Treated as Client & MQ is treated as Server. If any one throw some light here would be greatful for us to enable 2-way SSL.
    In High Level, Initially we planned for One-Way SSL like below,
    1. Create the Trust Store in MQ Server
    gsk7capicmd -keydb -create -db "/var/mqm/qmgrs/WLMQTest/ssl/WLMQTest.kdb" -pw serverpass -type cms -expire 365 -stash -fips
    2. Create Self-Signed Certificate Initially for MQ Server
    gsk7capicmd -cert -create -db "/var/mqm/qmgrs/WLMQTest/ssl/WLMQTest.kdb" -pw serverpass -label ibmwebspheremqwlmqtest -dn "CN=WLMQTest,O=,C=" -expire 365 -fips -sigalg sha1
    gsk7capicmd -cert -extract -db "/var/mqm/qmgrs/WLMQTest/ssl/WLMQTest.kdb" -pw serverpass -label ibmwebspheremqwlmqtest -target "/var/mqm/qmgrs/WLMQTest/ssl/*WLMQTest.crt*" -format ascii -fips
    3. Create the Key Store in Weblogic Server
    keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
    4. Copy the Public SSL Server Certificate to the Weblogic Server
    Copied the WLMQTest.crt from MQ Server into a directory under Weblogic Server Domain
    The below command list the content of the keystore.jks
    keytool -list -keystore keystore.jks
    Keystore type: JKS
    Keystore provider: SUN
    Your keystore contains 1 entry
    mydomain, Dec 26, 2011, PrivateKeyEntry,
    Certificate fingerprint (MD5): E7:B6:4C:02:A7:DE:A3:66:27:66:38:A1:87:DF:8F:0F
    And tried to import the WLMQTest.crt
    keytool -import -alias mydomain -file WLMQTest.crt -keystore keystore.jks -storepass serverpass
    We got the error like below,
    keytool error: java.lang.Exception: Public keys in reply and keystore don't match
    5. Configuring the Channels.
    Please advice, Is it a right way? Positively expected your valuable comments
    Edited by: user10094300 on Dec 26, 2011 1:17 AM

    Check this:
    http://www.ibm.com/developerworks/websphere/library/techarticles/0510_fehners/0510_fehners.html

  • 2 way sync between AddressBook and LDAP

    Hi there. I'm looking for something that will help me do a 2-way sync between an Addressbook and an LDAP server. I've been playing with ABxLDAP/Addressbook4LDAP, and that seems to populate addressbook contacts into an LDAP server (a unidirectional sync). However, I want to do a full 2-way sync (changes made in the ldap server are synced to my local addressbook entries and vice versa).
    Does anyone know of any apps to do that?
    Thanks.

    Thanks for the info.
    I've only seen info about Snow Leopard syncing (and it doesn't really specify 2 way) to Exchange (which is not LDAP)
    Addressbookserver (www.addressbookserver.com) is also not LDAP.
    I really need this to work (2 way sync) with an LDAP server.
    Thanks.

  • Connection Error between ITS and SAP: R/3 system

    Dear All,
    Recently we have migrated our Backend SAP: R/3 Servers to AIX/Oracle platform. The server landscape is running on two application servers and one central instance with load balancing.
    We have changed all RFC destinations from the SAP:R/3 and ITS side and tested the connection.
    We are not able to login to backend SAP:R/3 server through ITS.
    The following error appears
    "Fatal Error!
    The ITS failed to handle this request
    The HTMLBusiness interpreter failed to interpret the template.
    The internal error message is:
    0x2101: Interpreter: The specified input file does not exist."
    What other changes from ITS side we have to look into or check?
    Regards
    saikat180965

    Hi saikat180965,
    Might be the problem is being caused by missing templates. Please have a look in the ITS traces to get more information about the missing file.
    Regards,
    Dieter

  • Connectivity between OSB and LDAP

    Hi All
    We have a requirement to connect to LDAP from OSB (not for retrieving security related information) for querying business information like users, user groups and geographical hierarchy etc. I know there is no Adapter to use for integrating LDAP with OSB. Please suggest some implementation technique for this approach.
    Thanks
    Vishwanath

    Which LDAP are you using ? If you are using OID you have a Ldapcleint.jar on the OID server, you can use that to connect.
    If you are using openldsp you using the open source ldap jar files for the same.
    Sample Code :-
    import javax.naming.*;
    import javax.naming.directory.*;
    import javax.naming.ldap.*;
    import oracle.ldap.util.jndi.*;
    import oracle.ldap.util.*;
    import java.io.*;
    public class NickNameSearch {
    public static void main(String[] args)
      throws Exception
      InitialLdapContext ctx = ConnectionUtil.getDefaultDirCtx( args[0],
      args[1], args[2],args[3]);
      RootOracleContext roc=new RootOracleContext(ctx);
      Subscriber sub = null;
      sub = roc.getSubscriber(ctx, Util.IDTYPE_DEFAULT, null, null) ;
      PropertySetCollection psc = sub.getProperties(ctx,
      Subscriber.USER_NAMING_PROPERTIES, null);
      String nickNameAttribute = null;
      try
      nickNameAttribute = (String) psc.getPropertySet(0).getProperty(Subscriber.USER_NAMING_ATTR_SIMPLE).getValue(0);
      catch (Exception e)
      // unable to retrieve the attribute name
      System.exit(0);
      System.out.println("Nickname attribute: " + nickNameAttribute); 
      // Retrieve user using simple name, guid or DN
      User user = sub.getUser(ctx, Util.IDTYPE_SIMPLE,"orcladmin", null);
      System.out.println("user DN: " + user.getDN(ctx));  }
      // Retrieve nickname value using User object
      psc = user.getProperties(ctx, new String[]{ nickNameAttribute });
      String nickName = null;
      try
      nickName = (String) psc.getPropertySet(0).getProperty(nickNameAttribute).getValue(0);
      catch (Exception e)
      // unable to retrieve the attribute value
      System.exit(0);
      System.out.println("Nickname : " + nickName); 
    Using the Java API Extensions to JNDI

  • WebLogic SAML 1.1 & Apache as proxy & SSL between browser and Apache

    Hi,
    I'm trying to configure SAML 1.1 to work with WebLogic Server 10.3.
    Here is a short description of the configuration
    - Browser connects to Apache front end with ssl https://myserver:444/...
    - Apache proxies requests to WebLogic Server instances in http. In the following example one of the WLS instances is listening on the port 555 on myserver.
    During the SAML 1.1 requests the following url appears:
         https://myserver:444/mysamlits?RPID=rp_00001&TARGET=http://myserver:555/myapp
    Here http://myserver:555/myapp is the backend server listening address. Instead it should be the frontend server address instead:
         https://myserver:444/mysamlits?RPID=rp_00001&TARGET=https://myserver:444/myapp
    Problem:
    Despite of all My efforts, WLS picks up the backend protocol and port and puts them in the TARGET. I can't find how to set up WebLogic Server to supply the frontend address as TARGET, so I'm asking help here.
    Details:
    I try to describe the setup in more detail below.
    I have NOT installed mod_wl to Apache because My intention is to employ Apache to simulate a hardware load balancer (HLB).
    I have appended the following lines to Apache httpd.conf:
    # Added so that we can set the "WL-Proxy-SSL: true"
    # HTTP header which tells a back-end WebLogic Server
    # that requests are being proxied through a front-end
    # SSL load-balancer or proxy server.
    <IfModule headers_module>
    RequestHeader set WL-Proxy-SSL true
    </IfModule>
    I have also verified that the header WL-Proxy-SSL is present in requests arriving at the backend WebLogic Server.
    On the WebLogic Server side I have
    - Frontend Host: myserver
    - Frontend HTTP Port:0
    - Frontend HTTPS Port:444
    I have also tried setting WebLogic Plugin Enabled:true.
    Regards,
    Kari
    Edited by: 858107 on May 11, 2011 10:00 PM: Removed a duplicated subject line.

    I was mistaken. TARGET can very well be the backend address. The actual problem was that the browser was getting redirected to the backend address.
    That was fixed by resetting the frontend settings:
    Frontend Host: <empty>
    Frontend HTTP Port:0
    Frontend HTTPS Port:0
    Kari

  • SSL between JNDI and AD - certificate chain

    Hi,
    I am trying to connect my active directory via SSL with the samples from the tutorial. Can anybody tell me, how I can export a certificate from AD (self-signed), so that I can import it with keytool? Or better, how to build that required certificate chain.
    Thanks a lot
    Falko Braun

    If you are using AD as your Certificate Authority you can go to
    http://servername/certserv
    which is the web interface for certificates.
    If you want the AD servers certificate, in the certificates snapin in MMC you can right click on the servers personal certificate -all tasks->export and export it.
    Hope this helps.
    G
    Hi,
    I am trying to connect my active directory via SSL
    with the samples from the tutorial. Can anybody tell
    me, how I can export a certificate from AD
    (self-signed), so that I can import it with keytool?
    Or better, how to build that required certificate
    chain.
    Thanks a lot
    Falko Braun

  • Difference between UME and LDAP users

    Hi,
    I am facing a strange problem. In my Webdynpro application, I am accessing the portal user properties using the normal user management APIs. IUser object. On my local server, all the users are UME users and it runs fine.
    When I deployed my application on the central server which creates LDAP users by default, the code bombs saying the user is not authorized. When I recreate the user in UME, it is fine again. Are there APIs which I can use which work for both the user stores?
    Thanks in advance,
    Kiran

    Hi Kiran,
    I User object works for both the cases. Just try the below code.
    <%@ page import = "com.sap.security.api.IUser" %>
         private void getUser() {
              user = compRequest.getUser();
              userId = user.getUniqueID();
              userName = user.getUniqueName();
    It worked for me for getting the users from LDAP.
    Regards,
    Santhosh

  • In EM Cloud control 12c, How to enable SSL between agent and OMS?

    As title. Thanks!

    Did you checkout MOS note 12c Cloud Control Security: How to Secure a 12c Agent from Console / Command Line? [ID 1390222.1] ?
    Regards
    Rob
    http://oemgc.wordpress.com

Maybe you are looking for

  • Mac won't start (Kernel Panics)

    Hello, My mac won't start up. It turns on, gets as far as the spinning circle and apple logo then a dark screen comes down with a Kernel Panic message. This occurred roughly three months ago and I ended up taking the mac into the regent street store

  • My macbook wont run. what do I do?

    when i open it up, all it does is stay at a black screen. then i turn on the power button and it does nothing. I know it is charged because when i cloes it, the light turns on. which usually only happens when i have it open. a couple days ago i got i

  • My iPad 1 has become very sluggish, why and  how to fix?

    My iPad 1 has become very sluggish. Even typing often has small delays in showing letters. It seems variable, alas, so no obvious app or condition is implicated. I have closed all apps and done a cold restart but that does not help. I have the latest

  • ¿How do you change the time of all images and do the chroma key effect in ¡Movie 10.0.2?

    I know it's a simple question, but i had ¡Movie '08 and I bought the latest version, and it's really different, so I don't know, if i have like 150 photos (it's an stop-motion) how can I put the same duration? And do the chroma key effect? And I don'

  • ESS Training Event and management

    Hi, I have deployed ESS. I don't find Training Tab on our ESS screen and i found that the tab is attached separately . Can anyone explain in details about this...! Regards Vijay