STRUST: Error 27 in SSF_ABAP_SERVICE

Hello, I have to install a certificate X509 (file.c) and I need to convert to *. Pse, with the SAP Trust Manager Sap  I have error when run the program C: "SSF_ABAP_SERVICE." (return SY-SUBRC = 27).
Consequently, I can not install the certificate. Cer
Is there any way to convert this certificate in *.pse and that the system can recognize it?
I already install the SAPCriptographich Library
Thanks in advance
Sebastia

The certicate (.cer) was create with the command openssl (in Windows NT)
First, I generated the private key with
  openssl genrsa -out private 1024
Second generated de CSr (Certificate Signing Request) with
openssl req -new -key private -subj "/C=xx/O=xxxx/CN=xxxx" -out request
Third I sent a email  to Provider with request file.
The provider sent file.cer to me.
My questions is:
How I do to install the file.cer? Do I have that convert in file.pse or create my own pse?
If it is the second option: How I do associate the file.cer with my own pse?
Thanks in advance.
Sebastián
Edited by: sebara on Apr 22, 2010 5:18 PM

Similar Messages

  • STRUST - Error while creating PSE

    Hi all,
    i want to create the PSE for SNC (SAP Cryptolib). -> Webservices with Certificates
    SNC ID:      sys-sapsnc@<domain>.com
    Algorithm:   RSA
    Key Length: 1024
    Error message:
    Error while creating PSE
    Message no. TRUST040
    System: ERP 2005
    System PSE is already created
    SSL Server PSE is already created
    SSL Client (Anonymous) PSE is already created
    SSL Client (Standard) PSE is already created
    regards

    Hi Ralf,
    I think I did something similar with XI about a year ago. You have to create or import some certificates / CA Certificates using STRUST (it depends if you have officially signed certificates or if you are using your own selfsigned certificates. In this case you need the root certificate as well).
    => Note 510007 might be useful
    => When importing your own root CA make sure you choose a valid namespace for Trust Center (starting with Z e.g. ZSELFCA) and choose Root-CA for Category.
    => If you want to view, modify or deltete entries choose menu > certificate > database and you will see a screen where you can search for the entries in the certificate database
    Just in case you have problems with your PSE make a copy of directory /usr/sap/SID/DVEBMGS<XX>/sec
    and delete your existing PSE to create a new one (Carefully!!!
    - First of all make sure you installed SAPSECULIB.
    - After that you should create a new PSE or create new entries for SSL Server (optionally client etc.)
    - You can create an entry directly in TRUST Manager. The resulting certificate will be selfsigned. You can sign
    this cert using your CA and then after having it signed you have to import the certificate response (use openssl to do cert stuff)
    => This might be helpful: http://help.sap.com/saphelp_nw04/helpdata/en/24/61ab3b92818b70e10000000a114084/frameset.htm
    You can import your own certificates from menu > certificate > import in the maintenance section of the SSL Server PSE or you can just click on the "Import Certificate" button
    When done you should check that your generated/imported certificates are working by simple accessing your server using the https protocol (e.g. https://<server>:<sslport>/sap/public/ping should be fine)
    Just in case you used your own CA to sign the certificates your Browser will display popup saying that the certificate is not signed by any known trusted CA (we know that so we can ignore that
    If you want to use client cert authentication you have to repeat the explained steps for SSL Client (Standard)
    => Create the PSE, sign the generated certificate etc., import the certificate response
    When this is all done you should do the following:
    - Create a RFC Destination for HTTPS Communication (call sm59, open the Folder HTTP Connections to External Server)
    - In the destination enter the destination Host and the path of your application
    - After that open the TAB Logon/Security
    - In the Status of Secure Protocol Section choose SSL active and DEFAULT SSL Client (Standard) as SSL Client Certificate
    - Save all your changes
    You should now be able to use this destination for your Webservice communication and it will be encrypted using SSL
    Hope this helps
    If you have further questions let me know
    Cheers

  • Error 500--Internal Server Error  - when deploying strust application

    Hello everyone,
    We have a large strust-based web application. The application is being deployed as an EAR file.
    We are getting a NullPointerException when we deploy the application on Weblogic 8.1 in production mode. The exception
    occurs when we access the application for the first time after redeployment.
    When we restart the server entirely we do not get the exception anymore.
    This exception does occur only rarely in development mode.
    In production mode it occurrs every time.
    Has anyone experienced similar issues?
    Regards,
    Oliver Enseling
    Error 500--Internal Server Error
    java.lang.NullPointerException
         at org.apache.struts.action.RequestProcessor.getServletContext(RequestProcessor.java:1136)
         at org.apache.struts.tiles.TilesRequestProcessor.processTilesDefinition(TilesRequestProcessor.java:180)
         at org.apache.struts.tiles.TilesRequestProcessor.processForwardConfig(TilesRequestProcessor.java:309)
         at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:279)
         at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1480)
         at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:506)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
         at com.gelco.tmg.planning.web.core.action.URLSecurityFilter.doFilter(URLSecurityFilter.java:69)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6458)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
         at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
         at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)

    <[email protected]> wrote in message news:41c49d78$1@mail...
    The problem seems to occur due to servlet reloading.... There seems to be
    a bug that reloads the ActionServlet even without any changes made to the
    code base... The reload fails for the ActionServlet making it null
    Turn off servlet reloading in your weblogic.xml using
    <container-descriptor>
    <servlet-reload-check-secs>-1</servlet-reload-check-secs>
    </container-descriptor>
    Let me know if this helps ...The default is to check for every one sec... I am not sure whether these
    kind of defaults make sense once a application is moved into production
    mode...
    If the issue gets resolved with the above suggested workaround .... let me
    know... since the issue is spurious and I am trying to reach a higher
    confidence level in the solution proposed by me.....
    Thanks
    Kumaraguruparan Karuppasamy
    >
    >
    >
    "Bill Turchin" <[email protected]> wrote in message
    news:25319409.1102534305264.JavaMail.root@jserv5...
    I am now also seeing that error having recently upgraded to WL 8.1. Has
    anyone found the solution?

  • Error while installing certificate in STRUST

    Hi All,
    when i try to install the Web Ui Certificates in STRUST i am getting the message mentioned below.
    Cannot analyze certificate
    Message no. TRUST009
    Diagnosis
    The certificate cannot be analyzed in the specified file format.
    Thanks in Advance,
    Regards,
    Satish

    Hi,
    The error clearly indicates the problem of incompatible formats of certificate being imported.
    In addition to Nico's reply,
    Pls check the format format of the certificates to be compatible in base 64 or binary formats.
    If you are not sure, pls get your system admin to get the file converted in above formats.
    Cheers Sam

  • Error while signing data-Private key or certificate of signer not available

    Hello All,
    I am new to PI.  I am currently stuck with an issue. The scenario is as explained below.
    We need to check for the service availability before processing the data. So, we test for the RFC connection first from the ECC system. During this process, we access the digital certificate stored in the PI system so that it can be validated and allowed to consume this intended service.
    Error :
    When we trigger the RFC test from the  ECC system, we get an error stating ' Error while signing data -  Private key or certificate of signer not available '. But when we test the same functionality within PI system(Locally), we does not encounter any such error. The certificate is maintained and it appears fine.
    The communication channels are stored with logon credentials.
    Can anyone please help me with this error or provide your valuable inputs. Thanks in advance.
    Regards,
    Shivkumar

    Hello,
    When we trigger the RFC test from the ECC system, we get an error stating ' Error while signing data - Private key or certificate of signer not available '.
    This should be normal behavior since the certificates are not installed in ECC SSL folders of Strust. Why not just install the certificates in the ECC system, perform an ICM restart and do a retest? After all, the certificates would both be the same in PI and ECC.
    Hope this helps,
    Mark

  • "No tag library could be found with this URI" error while compiling jsp

    I am using WebLogic Server 9.2 MP1, JDK 1.5.0_09, Struts 1.3.5
              I am pre-compiling jsp pages with wlappc ant task. However, I got following errors when a jsp page contains ant taglib:
              No tag library could be found with this URI. Possible causes could be that the URI is incorrect, or that there were errors during parsing of the .tld file.
              The jsp page looks like:
              <%@ taglib uri="http://struts.apache.org/tags-html" prefix="html" %>
              wlappc complains taglib could not be retrieved from this uri. Actually, since Struts 1.3.5, those ".tld" files are contained in strust-taglib-1.3.5.jar, folder META-INF/tld/. And I don't need to set anything in web.xml <tag-lib> tab anymore.
              All the jsp pages can be successfully compiled while being deployed to Server. So what am I missing? My build.xml file looks like:
                   <target name="compile-jsp">
                        <wlappc source="${src.dir}" output="${out.dir}"
                             keepgenerated="true" optimize="true" classpathref="wl_classpath"/>
                   </target>
              where "wl_classpath" contains all the struts related jar files, e.g. struts-core-1.3.5.jar, struts-taglib-1.3.5.jar, ...., and weblogic related jars, e.g. weblogic.jar.....
              I checked "beehive" samples coming with weblogic92, and found it pretty much did the same thing regarding build script and jsp files. So I am totally lost!
              Please help me out. Many thanks.
              Edited by jqian at 02/02/2007 10:24 AM

    Yes sorry, you're correct. The uri I mentioned is just 1.0.
    Do you have the "Oracle WebLogic Web App Extension" Facet for your web project? If not, try adding that and making sure that there is a weblogic.xml file created in the WEB-INF dir. The weblogic.xml file allows you to deploy usig a shared lib for JSTL. It should contain a library-ref element something like the following, with a version of 1.1.
    <wls:library-ref>
    <wls:library-name>jstl</wls:library-name>
    <wls:specification-version>1.1</wls:specification-version>
    <wls:exact-match>true</wls:exact-match>
    </wls:library-ref>

  • HTTPs without client authentication, error while posting through Altova

    Hi Experts
    I am doing a SOAP- XI-Proxy synchronous scenario where i have to use HTTPs without client authentication for the first time in my system.
    I have made the scenario and WSDL out of it.
    When i am trying to test it through Altova, i am getting the following error:
    <?xml version="1.0"?>
    <!-- see the documentation -->
    <SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
        <SOAP:Body>
            <SOAP:Fault>
                <faultcode>SOAP:Server</faultcode>
                <faultstring>Server Error</faultstring>
                <detail>
                    <s:SystemError xmlns:s="http://sap.com/xi/WebService/xi2.0">
                        <context>XIAdapter</context>
                        <code>ADAPTER.JAVA_EXCEPTION</code>
                        <text><![CDATA[
    java.security.AccessControlException: https scheme required
        at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:918)
        at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl0_3.process(ModuleLocalLocalObjectImpl0_3.java:103)
        at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:296)
        at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0_0.process(ModuleProcessorLocalLocalObjectImpl0_0.java:103)
        at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:187)
        at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:496)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
        at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
        at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
        at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
        at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
        at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1060)
        at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
        at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
        at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
        at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
        at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
        at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
        at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
              ]]></text>
                    </s:SystemError>
                </detail>
            </SOAP:Fault>
        </SOAP:Body>
    </SOAP:Envelope>
    i saw a few discussion on web but nowhere the solution was provided.
    the url is
    http://abc.sap.point:1234/XISOAPAdapter/MessageServlet?channel=:system:communicationchannel&amp;version=3.0&amp;Sender.Service=x&amp;Interface=x%5Ex
    i changed it to https also but in that case it was not even posting the request.
    i have set the sender adapter like this
    is there any setting that i am missing.
    What is the setting the i need to do in SM59.
    Please help me getting through this.
    Your help is highly appreciated. Thanks in advance.
    Neha

    HI Neha,
    1. Enable the https service in the ICM: you can follow the way to do it like is pointed out in the page 4 of this document (PI 7.1 and PI 7.0 has the same smicm abap transaction) http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?overridelayout=t…
    2. Generate the certificate. Use the STRUST transaction. Chech this document SSL Configuration in SAP ABAP AS and JAVA AS – Step-by-step procedure
    Hope this helps.
    Regards.

  • Error while uploading SSL certificate in Visual Admin

    Hi,
    I generated a .cert base 64 certificate from STRUST tcode of my ECC server.I'am tring to load the certificate in visual administrator under key storage --> ADS Certs. while loading,  it is giving me an error message stating " Key Store : ID21113:Input array size must be multiple by 4."
    I was able to upload the same certificate with .cert extension previously, but this time it is throwing me import failed error and the above error message. I checked in forums but i  couldn't find any solution.
    Please guide me with a solution.
    With Regards,
    Joel

    work around provided by SAP
    I neither managed to load your key to my keystorage.
    Nevertheless, I converted your certificate by means of the
    "Certificate Export Wizard" (of the Internet Explorer) to "DER encoded
    binary X.509 (.cer). Then I renamed the file to "ORDclstd.crt" and
    finally was able to load this certificate to the keystorage.

  • HTTPS - 500 - Internal Server Error

    Hi,
    To send XML file over HTTPS, a RFC destination type G is created in SM59 and is used in Plain HTTP receiver Adapter.
    Now while testing HTTP destination in SM59, HTTP 200 reponce is OK.
    But while sending the XML file, getting an error HTTP 500 - Internal Server Error in SXMB_MONI.
    Certificates are installed in STRUST for HTTPS connection.
    Any suggetion.
      <SAP:Category>XIAdapter</SAP:Category>
      <SAP:Code area="PLAINHTTP_ADAPTER">ATTRIBUTE_SERVER</SAP:Code>
      <SAP:P1>500</SAP:P1>
      <SAP:P2>Internal Server Error</SAP:P2>
      <SAP:P3>Internal Server Error</SAP:P3>
      <SAP:P4 />
      <SAP:AdditionalText />
      <SAP:Stack>HTTP server code 500 reason Internal Server Error explanation Internal Server Error</SAP:Stack>
      <SAP:Retry>M</SAP:Retry>
      <Trace level="3" type="T">Quality of Service EO</Trace>
      <Trace level="1" type="T">Get XML-Dokument from the Message-Objekt</Trace>
      <Trace level="2" type="T">HTTP-Destination : EXT_SERVER</Trace>
      <Trace level="3" type="T">Server ABCD</Trace>
      <Trace level="3" type="T">Service-Nr. 443</Trace>
      <Trace level="3" type="T">URL /PATH1/PATH2?Query</Trace>
      <Trace level="3" type="T">~request_method POST</Trace>
      <Trace level="3" type="T">~server_protocol HTTP/1.0</Trace>
      <Trace level="3" type="T">accept: */*</Trace>
      <Trace level="3" type="T">quality of service: EO</Trace>
      <Trace level="3" type="T">Header-Fields</Trace>
      <Trace level="3" type="T">Prolog conversion Codepage: UTF-8</Trace>
      <Trace level="3" type="T">Epilog conversion Codepage: UTF-8</Trace>
      <Trace level="3" type="T">content-length 2312</Trace>
      <Trace level="3" type="T">content-type: text/xml; charset=UTF-8</Trace>
      <Trace level="2" type="T">HTTP-Response :</Trace>
      <Trace level="1" type="T">Internal Server Error</Trace>
      <Trace level="2" type="T">Code : 500</Trace>
      <Trace level="2" type="T">Reason: Internal Server Error</Trace>
      <Trace level="2" type="T">Code : 500</Trace>
      <Trace level="2" type="T">Reason: Internal Server Error</Trace>
    Thanks,
    Madan

    Hi Madan,
    Please have a look at this thread.
    Plain HTTP adapter error
    Hope this helps to you.
    Regards,
    P.Rajesh

  • Error when connect from portal system (abap ) to external ssl client - sm59

    Hi I am tryign to setup a ssl connection from the abap sm59 portal system to an exteral server.. I have setup the certs that the client has given me in strust.but i m gettign the ffg error.
    sysno      60
    sid        PID
    systemid   370 (Solaris on SPARCV9 CPU)
    relno      7110
    patchlevel 0
    patchno    150
    intno      20020600
    make       multithreaded, Unicode, 64 bit, optimized
    profile    /usr/sap/PID/SYS/profile/PID_DVEBMGS60_pidevdb
    pid        3911
    [Thr 01] Thu Jun 14 08:38:48 2012
    [Thr 01] TRACE FILE TRUNCATED
    [Thr 07] Thu Jun 14 08:39:07 2012
    [Thr 07] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL
    [Thr 07]    session uses PSE file "/usr/sap/PID/DVEBMGS60/sec/SAPSSLA.pse"
    [Thr 07] SecudeSSL_SessionStart: SSL_connect() failed
    [Thr 07]   secude_error 536871970 (0x20000422) = "SSL record with the wrong SSLPlaintext.version received"
    [Thr 07] >>            Begin of Secude-SSL Errorstack            >>
    [Thr 07] ERROR in ssl3_get_record: (536871970/0x20000422) SSL record with the wrong SSLPlaintext.version received
    [Thr 07] <<            End of Secude-SSL Errorstack
    [Thr 07]   SSL_get_state() returned 0x00002120 "SSLv3 read server hello A"
    [Thr 07]   SSL NI-sock: local=57.24.111.151:34110  peer=57.24.110.116:5081
    [Thr 07] <<- ERROR: SapSSLSessionStart(sssl_hdl=10720d530)==SSSLERR_SSL_CONNECT
    [Thr 07] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT {00020a7c} [icxxconn_mt.c 1957]
    When i change the sm59 connection not to use ssl. it give me a pop up screen . and asks me to enter user and password...
    He then  give me a private key file .. i.e a .pfx file but not sure how to load this in strust. I tried to convert in useign sapgenpse. but it fails with teh ffg error
    12% sapgenpse import_p12  -p /usr/sap/PID/amos/amos_client.pse /usr/sap/PID/amos/amos_client_pk.pfx
    import_p12: MISSING password for PKCS#12 file "/usr/sap/PID/amos/amos_client_pk.pfx"
    Please enter PKCS#12 encryption  password: *******
    PKCS#12/PFX file contains 1 keypair:
      1. FriendlyName = "amos.server.interface.webuser.web_int.cert"
         X.509v3 (type=Both) RSA-2048 (signed with sha1WithRsaEncryption)
         Subject="CN=AMOS WebService Interface Client, OU=IT&S MRO, O=South African Airways (Pty) Ltd, L=OR Tambo International Airport, SP=Gauteng, C=ZA"
         Issuer ="[email protected], CN=ca.flysaa.com, OU=Certificate Authority, O=South African Airways (Pty) Ltd, L=OR Tambo International Airport, SP=Gauteng, C=ZA"
    ERROR: Incomplete certification path -- NEED certificate of "[email protected], CN=ca.flysaa.com, OU=Certificate Authority, O=South African Airways (Pty) Ltd, L=OR Tambo International Airport, SP=Gauteng, C=ZA"!
    I have attached a doc of what it looks like.. appreciate any help

    Hi,
    There is an error in the publishing of template
    Template :"bbpsc02" is not publised in ITS.
    Go to T.code: SE80
    Publish all the templates again and check
    Check with your SAP  BASIS team for the help
    Regards
    Ganesh

  • Digital signature verification failed - Error RTCCTOOL

    Hi guys !!!
    I am running the report from the SDCCNN - RTCCTOOL, but I get the following error message:
    1. Digital signature verification failed
    Description -  The verification of the recommendation content using digital signatures has failed. Therefore recommendations were suppressed.
    Implementation -  Consult SAP note 69455 if there is a known issue with content verification. If you do not find a solution open a customer message on SV-SMG-SDD.
    When I Goto - Digital signatures Activate button digital content verification is disabled.
    Then go to the transaction on the client STRUST 000 and I found the certificate: SSF SAP AGS Online Content View The certificate shows:
    Owner: CN=SID SSF SAP AGS Online Content Verification, OU=I0020596183, OU=SAP Web AS, O=SAP Trust Community, C=DE
    Certificate List: CN=Online Recommendations, CN=OR-C, CN=V01M, OU=AGS, O=SAP AG, C=DE
                CN=Online Recommendations Upd, CN=OR-U, CN=V01M, OU=AGS, O=SAP AG, C=DE
    Both certificates will expire on 01.01.2038.
    According to the help and OSS note 69455 tell me again that I must create this certificate every year, but I see this current certificate, what is the error?
    What is the process because I'm not clear and can not find another OSS note or the SDN forum to tell me what is wrong is happening.
    Thanks guys for the help I can provide.
    Desiré

    Hi all.
    I have the same problem and explore all possible solutions found in this discussion and others without satisfactory result.
    Everything points that may be an inconsistency error external certificate which is in the DB. Anyone know how to fix this.
    Greetings.

  • Error when using navigation list

    hi all;
    i'm using jdeveloper10.1.2 i created a jsp page which contain two cascading lists it worked fine,i copied the application to another pc when i try to run this page on jdeveloper i get this error at runtime
    javax.servlet.jsp.JspException: Failed to obtain specified collection at org.apache.struts.taglib.html.OptionsCollectionTag.doStartTag(OptionsCollectionTag.java:222)
    how i can solve this problem.???

    Verify that you're using the same version of Struts with both deployments. Check if strust.jar file size is the same. This looks like struts version issue.
    Noel.

  • STRUST Import Certificate to ABAP engine.

    Hi All,
    I'm importing Certificate into ABAP for first time.
    Can you please tell me the steps to do that.
    T-code: STRUST
    SSL Client Ananymos
    On the right panel click on Import and then browse the certificate?
    I did browsed the zip file which contains 6 certificates and now I'm getting this error
    "Cannot analyze certificat" after selection in "Import"
    Can you please tell me the steps to completed the import of certificates into ABAP engine. so that I can use it in SM59 HTTP destination type G.
    Is there any blog for that ?
    Thanks
    Newi

    Hi,
    Go through below links these might help you.
    http://help.sap.com/saphelp_nw70ehp1/helpdata/en/a6/f19a3dc0d82453e10000000a114084/content.htm
    http://help.sap.com/saphelp_nw70ehp1/helpdata/en/14/29236de1864c6e8d46e77192adaa95/content.htm

  • Error in SOAP Receiver Adapter with HTTPS

    Dear All,
    I am developing a SOAP to SOAP scenario with HTTPS i.e. client without authentication and I am facing an issue with the receiver adapter. Few messages fails in the receiver side while rest are successful.
    Error - Delivery of the message to the application using connection SOAP_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: Failed to get the input stream from socket: iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier
    Please let me know what can be the reason for the error.
    Thanks and Regards,
    Rana Brata De

    Hi Rana,
    Check the certificates sequence as well the certificates end dates in STRUST in SAP PI system. if, deployed in NWA level check over there.
    One more :: sending the data to web server or web page. make sure, PI is pointing to which server.
    Regards,
    Kesava.

  • Error using HTTPS

    I am trying to send data from an SAP system to a non-SAP system using the HTTP adapter.  The url is using port 9082 and am using a certificate for authentication.  I have opened a hole in our firewall for the transmission. 
    I set up SM59 with the url/port/path, and specified the certificate installed in STRUST.
    When I run a test, I get the following error in XI.
    <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    - <!--  Call Adapter
      -->
    - <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="">
      <SAP:Category>XIAdapter</SAP:Category>
      <SAP:Code area="PLAINHTTP_ADAPTER">ATTRIBUTE_CLIENT</SAP:Code>
      <SAP:P1>407</SAP:P1>
      <SAP:P2>ICM_HTTP_SSL_ERROR</SAP:P2>
      <SAP:P3 />
      <SAP:P4 />
      <SAP:AdditionalText />
      <SAP:ApplicationFaultMessage namespace="" />
      <SAP:Stack>HTTP client. Code 407 reason ICM_HTTP_SSL_ERROR</SAP:Stack>
      <SAP:Retry>A</SAP:Retry>
      </SAP:Error>
    I'm not real sure what this means and can't find anything in the forums about this.  Can anyone offer any assistance?

    Larry,
    Ok so your using the HTTPS adapter, have you uploaded the certificate to the keystore in visual administrator?
    Which version of XI/PI are you using?  You may need to run the SSO2 Wizard (if PI/SP14 or above) otherwise kestore in VA should give you the necessary set up.
    Make sure you set up HTTP and SSL correctly here is the link for the setup in NW04: 
    http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
    check the "Technically Enabling SSL" it describes the steps needed to run strust and J2EE Visual Adminstrators (utilitizing the keystore) here is a little snipet from the web page:
    ●      Use the J2EE Visual Administrator to set up an SAP Web AS J2EE engine as HTTPS server. If not already done, you have to import a certificate generated by a CA identifying the SAP Web AS into the keystore named service_ssl in the Keystore service. In addition, you have to assign this certificate in the SSL Provider service.
    ●      Use the J2EE Visual Administrator to set up an SAP Web AS J2EE engine as HTTPS client. If not already done, you have to import the certificate of the CA of the HTTPS serveru2019s certificate into the J2EE engineu2019s keystore view named TrustedCAs.
    Good luck this should help you even a little.
    Rocco

Maybe you are looking for