Web Dispatcher and SSL
Dear All,
I've configured Web Dispatcher with SSL. When I run command "sapwebdisp pf=sapwebdisp.pfl", my HTTPS service could not be started. It gives me error "WARNING: Could not start service 60000 for protocol HTTPS on host "myserver" (on all adapters)".
Any idea?
BTW, my SAP Web Dispatcher is up and running.
Rgds,
Hapizorr
HI Koti Reddy,
Below is the log from dev_webdisp. Any iddea?
trc file: "dev_webdisp", trc level: 1, release: "700"
sysno 00
sid
systemid 562 (PC with Windows NT)
relno 7000
patchlevel 0
patchno 110
intno 20050900
make: multithreaded, ASCII, 64 bit, optimized
pid 2892
[Thr 2800] started security log to file dev_icm_sec
[Thr 2800] SAP Web Dispatcher running on: psahrmswd
[Thr 2800] MtxInit: 30001 0 2
[Thr 2800] IcmInit: listening to admin port: 65000
[Thr 2188] *** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject not set => do not trust any intermediary
X.509 cert data will be removed from header [http_plgrt.c 670]
[Thr 2188] *** WARNING => HttpAdmHandlerInit: archive ./wdispadmin.SAR does not exist [http_adm.cpp 286]
[Thr 2188] *** WARNING => HttpAdmHandlerInit: archive ./wdispadmin.SAR does not exist - nothing extracted [http_adm.cpp 301]
[Thr 2188] HttpSubHandlerAdd: Added handler HttpAdminHandler(slot=0, flags=4101) for /sap/wdisp/admin:0
[Thr 2188] CsiInit(): Initializing the Content Scan Interface
[Thr 2188] PC with Windows NT (mt,ascii,SAP_CHAR/size_t/void* = 8/64/64)
[Thr 2188] CsiInit(): CSA_LIB = ".\sapcsa.dll"
[Thr 2188] *** ERROR => DlLoadLib: LoadLibrary(.\sapcsa.dll) Error 126 [dlnt.c 237]
[Thr 2188] Error 126 = "The specified module could not be found."
[Thr 2188] *** ERROR => HttpAuthHandlerInit: url: / -> failed -> content filter deactivated [http_auth.c 300]
[Thr 2188] HttpSubHandlerAdd: Added handler HttpAuthHandler(slot=1, flags=12293) for /:0
[Thr 2188] HttpSubHandlerAdd: Added handler HttpWebDispHandler(slot=2, flags=28677) for /:0
[Thr 2188] =================================================
[Thr 2188] = SSL Initialization on PC with Windows NT
[Thr 2188] = (700_REL,May 21 2007,mt,ascii,SAP_UC/size_t/void* = 8/64/64)
[Thr 2188] SapISSLComposeFilename(): profile param "ssl/ssl_lib" = "U:\secudir\sec\sapcrypto.dll"
resulting Filename = "U:\secudir\sec\sapcrypto.dll"
[Thr 2188] SapISSLComposeFilename(): profile param "ssl/server_pse" = "U:\secudir\sec\SAPSSL.pse"
resulting Filename = "U:\secudir\sec\SAPSSL.pse"
[Thr 2188] = found SAPCRYPTOLIB 5.5.5C pl24 (Jun 11 2008) MT-safe
[Thr 2188] = current UserID: PSAHRMSWD\Administrator
[Thr 2188] = found SECUDIR environment variable
[Thr 2188] = using SECUDIR=U:\secudir\sec
[Thr 2188] *** ERROR => secudessl_Create_SSL_CTX(): PSE "U:\secudir\sec\SAPSSL.pse" not found! [ssslsecu.c 1296]
[Thr 2188] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --
secude_error 1824 (0x00000720) = "Wrong or Missing PIN for PSE"
[Thr 2188] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 2188] ERROR in SSL_CTX_set_default_pse_by_name: (1824/0x0720) Wrong or Missing PIN for PSE : "U:\secudir\sec\SAPSSL.pse"
ERROR in ssl_set_pse: (1824/0x0720) Wrong or Missing PIN for PSE : "U:\secudir\sec\SAPSSL.pse"
ERROR in af_open: (1824/0x0720) Wrong or Missing PIN for PSE : "U:\secudir\sec\SAPSSL.pse"
ERROR in secsw_open: (1824/0x0720) Wrong or Missing PIN for PSE : "U:\secudir\sec\SAPSSL.pse"
ERROR in sec_parse_PSEInfo_cont: (1824/0x0720) Wrong or Missing PIN for PSE : "U:\secudir\sec\SAPSSL.pse"
[Thr 2188] << -
End of Secude-SSL Errorstack -
[Thr 2188] *** ERROR => Initialization of SSL library failed -- NO SSL available!
[Thr 2188] =================================================
[Thr 2188] <<- ERROR: SapSSLInit(read_profile=1)==SSSLERR_PSE_ERROR
[Thr 2188] *** ERROR => IcmAddService: SapSSLInit (rc=-40): SSSLERR_PSE_ERROR [icxxserv.c 319]
[Thr 2800] IcmCreateWorkerThreads: created worker thread 0
[Thr 2800] IcmCreateWorkerThreads: created worker thread 1
[Thr 2800] IcmCreateWorkerThreads: created worker thread 2
[Thr 2800] IcmCreateWorkerThreads: created worker thread 3
[Thr 2800] IcmCreateWorkerThreads: created worker thread 4
[Thr 2800] IcmCreateWorkerThreads: created worker thread 5
[Thr 2800] IcmCreateWorkerThreads: created worker thread 6
[Thr 2800] IcmCreateWorkerThreads: created worker thread 7
[Thr 2800] IcmCreateWorkerThreads: created worker thread 8
[Thr 2800] IcmCreateWorkerThreads: created worker thread 9
[Thr 2832] IcmWatchDogThread: watchdog started
Similar Messages
-
Web Dispatcher and SSL on ABAP+Java
Hello,
Have installed SAP web dispatcher on WAS 6.40 ABAP+Java system. Communicating with Portal SP16 system.
The HTTP works fine. Have not been able to get SSL working with web dispatcher.
For troubleshooting activated ITS on this system and HTTPS works fine with ITS webgui.
Have followed the "how to" SSL for web dispatcher guide.
Also should mention that we have generated certificate requests and PSE's but our organization has not yet chosen a certificate authority to sign the cerficates. For other scenarios (log onto Portal, XI, etc) the only difference is the certifcate warning dialog, otherwise works fine. Would this cause a problem for Web Dispatcher?
Trying the SSL end to end scenario receive
WARNING: Could not start service 0 for protocol HTTPS on host "max-sap" on all adapters
Is there anything
unique for the ABAP+Java configuration?
Thanks,
AlanI solved this problem by setting the following profile parameter on my webdispatcher profile.
wdisp/ssl_ignore_host_mismatch = true
Doesn't fix the underlying problem but got me going until I can figure it out. -
Simple steps to set up SAP Web Dispatcher and SSL
Hi,
Could someone please provide simple steps explaining how to configure the SWD to communicate using end-2-end SSL with an XI server? The J2EE engine is listening on port 50001 for HTTPS requests. I have verified SSL is fine through direct connectivity.
Also our SWD now works fine with HTTP.
Could someone explain the following:
1. What parameters must I specify in the SWD profile file?
2. Do I have to add any parameters via RZ10 to the instance profile?
3. Do I have to create and activate an HTTPS service via SMICM?
4. Do I have to activate any internet services via SICF?
ThanksHi Eddy,
Sorry just got round to checking on this. The documentation you point to here is what we used as the basis for our setup.
We are attempting to use End-2-End SSL and did modify the SWD profile accordingly. It does not work however. If I connect via SSL directly to the J2EE server it works fine. Also connecting via HTTP thru the SWD works as well.
We are unsure as to whether there is something (parameters, service, etc.) that we have to set up via SMICM and/or RZ10 to enable SSL on the ICM? Or even whether that is necessary.
Ideally what I'd like is if someone can explain step-by-step what needs to be set up in the ABAP stack/message server that would be great.
Thanks
Brian -
Error when configuring Web Dispatcher for SSL with Enterprise Portal
We are in the process of configuring the Web Dispatcher using SSL to connect to our Enterprise Portal (the Web Dispatcher will be in the DMZ). We have followed all of the help.sap.com guides and now have SSL listening on the EP side (port 8103). We are now receiving this strange certificate error when we start the Web Dispatcher:
[Thr 5332] Tue Mar 20 00:36:23 2007
[Thr 5332] MatchTargetName("<FULLY QUALIFIED HOSTNAME>", "CN=XXX, OU=XXX, O=XXXX, C=XX") FAILS
[Thr 5332] SSL socket: local=<IPADDRESS>:4742 peer=<IPADDRESS>:8103
[Thr 5332] <<- ERROR: SapSSLSessionStart(sssl_hdl=009D7670)==SSSLERR_SERVER_CERT_MISMATCH
[Thr 5332] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-30): SSSLERR_SERVER_CERT_MISMATCH [icxxconn.c 2005]
[Thr 5332] *** ERROR => IcmConnClientRqCreate() failed (rc=-14) [icrxx.c 4919]
[Thr 5332] *** ERROR => Could not connect to SAP Message Server at <FULLY QUALIFIED HOST NAME>. URL=/msgserver/text/logon?version=1.2 [icrxx.c 2301]
[Thr 5332] *** ERROR => rc=-1, HTTP response code: 0 [icrxx.c 2302]
[Thr 5332] *** ERROR => see also OSS note 552286 [icrxx.c 2303]
We have gone through the trouble shooting note 552286 as listed in the error above. Any assistance is appreciated.Hello, did you receive any resolution for this problem? We are receiving a similar error and I am unsure of how to resolve.
-
SAP Web Dispatcher Configuration (SSL, certificates)
Hi all,
We're trying to configure the SAP Web Dispatcher for the use of SSL (terminated) and client authentication using x.509 certificates. All works (almost)fine. However, there's some strange behavior that I can not explain.
The following access point have been specified in the profile:
Description of the Access Points
icm/server_port_0 = PROT=HTTPS, PORT=443, TIMEOUT=15
icm/server_port_2 = PROT=HTTP, PORT=83, TIMEOUT=15
icm/HTTPS/verify_client = 2
Basicly we only need users to access the web dispatcher using SSL. However, when I remove the line: icm/server_port_2 = PROT=HTTP, PORT=83, TIMEOUT=15
The Web Dispatcher returns an error upon accessing it using HTTPS:
Dispatching Error
Error: -26
Version: 6040
Component: HTTP_ROUTE
Date/Time: Tue Mar 14 07:19:38 2006
Module: http_route.c
Line: 2383
Server: sapvm1_DVS_26
Detail: no valid destination server available for '!ALL' rc=13
Any help would be highly appreciated. Thanks!
FrodoHi KS,
Maybe you were right afterall I found a nice How to on the servce.sap.com (https://websmp203.sap-ag.de/~form/sapnet?_SHORTKEY=00200797470000073632&_SCENARIO=01100035870000000202) and it seems you do have to add the HTTP server_port parameter in case SSL is being terminated (no re-encryption).
icm/server_port_0 = PROT=HTTPS, PORT=443, TIMEOUT=15
icm/server_port_1 = PROT=HTTP, PORT=0, TIMEOUT=15
However, the trick is to set the port to zero (0), that way you can still only access the Web Dispatcher via HTTPS.
All is working now.
Frodo -
Client authentication in PI when SAP Web dispatcher terminates SSL
PI Security Experts,
Here is our design for Third-party Peoplesoft system initiating SOAP Call to PI Web Service created on our PI server.
1) Third-party Peoplesoft Application server initiates a SOAP call.
2) Third-party Network Gateway has a URL server certificate from our gateway and our gateway server has a root certificate from the CA used by third-party gateway. this will be used to establish the SSL tunnel between gateway.
3) SOAP request in our network will be routed through load balancer to SAP web dispatcher.
4) SAP web dispatcher terminates SSL connection
5) We will generate client cert for authentication and pass it onto third-party which they will load onto their PeopleSoft application server. SOAP call initiating from the PeopleSoft server will pass the client cert along with the message (My understanding is that the client cert will not be a part of SOAP message body. Ina other words we are not implementing message-level security. Is that true? How will the client cert be passed? How and where will a client attach the client cert with message?My understanding is that this is a network layer security and client certificate will be authenticated on PI J2ee server at SSL protocol level..Is my understanding correct?)
6) We will also load client certificate generated for client onto J2EE server using Visual Admin and map it to PI user for authentication.
7) SAP web dispatcher terminates SSL and passes the SOAP message to PI (J2EE) along with client cert in a http header variable.
There is some conflicting SAP documents. some say that client cert can't be used for PI authentication if Web Dispatcher terminates SSL connection (http://help.sap.com/saphelp_nw04s/helpdata/en/ea/301e3e6217b40be10000000a114084/frameset.htm). There is some other documents that say that authentication using client cert is possible by having J2EE trusting Web Dispatcher and by passing client cert from Web Dispatcher to J2EE in a httpheader variable (http://help.sap.com/saphelp_erp2005/helpdata/en/ea/301e3e6217b40be10000000a114084/content.htm).
Now if client cert authentication is possible even if Web dispatcher terminates SSL, what cert do we need on J2EE, a cert from Web dispatcher or a client cert that's coming in from the client appication (the one that we created and provided to our third-party)?
If we install a cert from web dispatcher on J2EE then do we need a client cert on Web dispatcher instead of on J2EE? If so how and where do we map client cert to PI User?
I will really appreciate any advise on whether we are going down the right path and any pointers to my questions.
Thanks,
SaurabhHi,
May be below links will be helpful
Check the following links.. you will get the information all about the securities...
http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
Also find soeminformation in these links
http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
/people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
Step by step guide for SSL security
step by step guide to implement SSL
Please go through below link for referance (above information is from below link)
http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm
General guide
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
Message level security
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
Regarding message level you can encrypt the message using certificates.
For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.
Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.
Thanks
Swarup -
IE browser and Web Cache and SSL - Internet Explorer cannot display the web page
When using IE8, IE9, or IE10 with Web Cache and SSL certain pages which display a lot of data returns the error - "Internet Explorer cannot display the web page."
if we eliminate SSL but continue to use Web Cache, the error does *not* reproduce & If we eliminate Web Cache altogether the error again does *not* reproduce. The error is only reproducible when we use SSL with Web Cache and if we use IE and we access *large* pages. The error is not reproducible with Firefox or Chrome. This is a Web Tier 11.1.1.7 installation with WebLogic 10.3.6 & Red Hat Enterprise 5 Linux x86-64
Event_log shows below errors.
[2013-06-13T16:34:35-04:00] [webcache] [NOTIFICATION:1] [WXE-09002] [logging] [ecid: ] Generated by Oracle Web Cache on Thu Jun 13 16:34:35 2013 - Build 11.1.1.7.0 130113.0721
[2013-06-13T16:34:36-04:00] [webcache] [NOTIFICATION:1] [WXE-08513] [logging] [ecid: ] Cache server process ID 4469 is starting up.
[2013-06-13T16:34:36-04:00] [webcache] [NOTIFICATION:1] [WXE-09612] [main] [ecid: ] Oracle Web Cache 11g (11.1.1.6), Build 11.1.1.7.0 130113.0721
[2013-06-13T16:34:37-04:00] [webcache] [NOTIFICATION:1] [WXE-13002] [config] [ecid: ] Maximum allowed incoming connections are 1000
[2013-06-13T16:35:00-04:00] [webcache] [NOTIFICATION:1] [WXE-09441] [stats] [ecid: ] DMS enabled
[2013-06-13T16:35:28-04:00] [webcache] [NOTIFICATION:1] [WXE-12209] [cluster] [ecid: ] A 1 node cluster successfully initialized
[2013-06-13T16:35:29-04:00] [webcache] [NOTIFICATION:1] [WXE-09614] [main] [ecid: ] The following Oracle Web Cache internal files are pre-populated to the cache: [[
/nssb-p.adm.fit.edu:7785/_oracle_http_server_webcache_static_.html
/nssb-p.adm.fit.edu:4448/_oracle_http_server_webcache_static_.html
[2013-06-13T16:35:29-04:00] [webcache] [NOTIFICATION:1] [WXE-09614] [main] [ecid: ] [[
The following Oracle Web Cache internal files are pre-populated to the cache: [[
/nssb-p.adm.fit.edu:7785/_oracle_http_server_webcache_checkserviceavailability_.html
/nssb-p.adm.fit.edu:4448/_oracle_http_server_webcache_checkserviceavailability_.html
[2013-06-13T16:35:29-04:00] [webcache] [NOTIFICATION:1] [WXE-09608] [main] [ecid: ] The cache server process started successfully.
[2013-06-13T16:35:29-04:00] [webcache] [WARNING:1] [WXE-12104] [utl] [ecid: ] Oracle Web Cache process has page faulted
[2013-06-13T16:44:22-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-29049
[2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The record type is unknown.
[2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Remote IP [163.118.22.16]:55145
[2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Local IP 163.118.170.70:4448
[2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: SSL error during handshake (details: internal=The record type is unknown. system=Success)
[2013-06-13T16:44:27-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-29049
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The record type is unknown.
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Remote IP [163.118.22.16]:55144
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Local IP 163.118.170.70:4448
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: SSL error during handshake (details: internal=The record type is unknown. system=Success)
[2013-06-13T16:44:27-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-29049
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The record type is unknown.
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Remote IP [163.118.22.16]:55148
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Local IP 163.118.170.70:4448
[2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: SSL error during handshake (details: internal=The record type is unknown. system=Success)
[2013-06-13T16:44:35-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
[2013-06-13T16:44:35-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:45:18-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:45:18-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:45:22-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
[2013-06-13T16:45:22-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
[2013-06-13T16:45:41-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
[2013-06-13T16:45:41-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
Any help or suggestions are greatly appreciated
Tnx a lot,
LokeshHello ,
Try Below Workarounds:
Workaround 1:
Open Central Admin
àApplication Management à
Configure Alternate access mapping-->Edit your web application zone and add your server name in Intranet zone. So default can be serverIP and intranet could be servername.
Workaround 2:
Might be there is some issue with DNS and try to check that WebApplication is pointing to correct IP or not.
Also try to access your Sharepoint site using ip Address .. If you still gets error Kindly share the logs ..
Best
Regards Kuldeep Verma
Please remember to click "Mark As Answer"
if a post solves your problem or "Vote As Helpful" if it was useful. -
If I connect my Web Dispatcher to a WAS that is not running SNC it connects okay but if I point it to a WAS that is running SNC I get SNC related arrors in the file dev_webdisp.log:
[Thr 6968] *** ERROR => invalid service descriptor token 'p:GB\SAPServiceQAS' [ictxxroute_r 2681]
[Thr 6968] *** ERROR => syntax error in text description near line 4 [ictxxroute_r 3135]
[Thr 6968] *** ERROR => IcrUpdateServerPoolFromDescrString() failed 6 [icrxx.c 1762]
If I call the /sap/public/ping service on the WAS directly from Internet Explorer on my PC it connects okay, but if I call the same service from my PC via the Web Dispatcher it failes with the above message in the log file and the below HTTP message:
500 Dispatching Error
Dispatching Error
Error: -26
Version: 6040
Component: HTTP_ROUTE
Date/Time: Tue Feb 07 12:47:50 2006
Module: http_route.c
Line: 2352
Server: UKLONSAP011_QE7_10
Detail: no valid destination server available for '!ALL' rc=13
I cannot find any information relating to the Web Dispatcher and SNC on help.sap.com or OSS.
Do I have to install the SNC library onto the Web Dispatcher server? If so, how do I then reference it?
Any ideas?
Thanks.
PaulHi Paul,
SNC library is not required for Web Dispatcher.
The problem seems to be the data the message server provides with the URL http://<msg_host>:<msg_http_port>/msgserver/text/logon?version=1.2
If SNC is activated you will have an entry for RFCS in the data like:
RFCS bin.wdf.sap.corp 4853 p/secude:CN=BIN, O=SAP-AG, C=DE
The error " invalid service descriptor token 'p:GB\SAPServiceQAS' " indicates that the parser could not parse the response from the message server. Then the server list is empty and you get the "dispatching error".
Maybe the backslash lets the parser struggle. Please check that you have an up to date version running (6.40 kernel patch level > 90). If that is the case, then this problem should be handled by OSS message.
Kind regards,
Oliver -
Diff. between Web Dispatcher and ICM
hi gurus,
Please help to understand the Difference between Web Dispatcher and ICM in whereas ways like
When do we use which tool?
The architec differences between them?
Anything more that would help me to understand better!
Thanks a lot in advance
Regards
SekharHi
At top level, Web dispatcher is like simple dispatcher which handles all the internet related requests like Http, Https, Smtp.
ICM is Internet connection Manager which is used to administer the flow between SAP and outside world using HTTP, HTTPs, SMTP
Please read these
Web Dispatcher
http://help.sap.com/saphelp_47x200/helpdata/en/42/5cfd3b0e59774ee10000000a114084/content.htm
ICM
http://help.sap.com/saphelp_nw04/helpdata/en/0a/a7903febb15a7be10000000a11405a/content.htm -
SSL Configuration between Web Dispatcher and Portal
Here is the scenario:
INTERNET -
https--> WEB DISPATCHER (decryipts)-https> PORTAL
When a request for portal page is sent to WEB DISPATCHER, it gives the following error in dev_webdisp:
[Thr 1087416640] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed
ERROR in af_verify_Certificates: (12851/0x3233) Verification of one certificate of path failed because the CA flag of its basic constraints is set to FALSE
ERROR in check_basicConstraints: (12851/0x3233) Verification of one certificate of path failed because the CA flag of its basic constraints is set to FALSE
I am using SAP's test certificates and there is no documentation for the error as far as I know.
Any ideas ?Hi Cristiano,
I solved the problem.
This error message is being caused by the mismatch between the issuer (SAP Test) and server pse generation strings (for example O and OU values ).
As the documentation suggests:
"For example, if you use the SAP CA, the naming convention is CN=<host_name>, OU=I<installation_number>-<company_name>, OU=SAP Web AS, O=SAP Trust Community, C=DE."
Thanks for the reply,
Best Wishes
Edited by: Yuksel Guney Hanedan on Aug 6, 2010 4:35 PM -
CRM_UI Reporting - HTTPS Terminating at Web Dispatcher or SSL all the way
Hi,
We need to set up access to crm_ui reports (leads and marketing mainly) in CRM 7.0 for vendors coming from the internet. The CRM server is in the internal network. In order for this to work I plan to setup the web-dispatcher in the application dmz. The initial login is going to be via the web dmz layer (using sun's iplanet server), which then routes the crm URL to the web dispatcher in the App dmz and then from the web dispatcher to CRM server.
One requirement from our security team is to set up the flow as HTTPS.
On going through SAP help I get the impression that it can be set up two ways, one, configuring web dispatcher to pass the SSL connection to backend, & two - configuring the web dispatcher to terminate SSL.
Seems the former is quite straight forward (from SAP online help we have to set the icm/server_port_<xx>> = PROT=ROUTER) but does it also require that we setup the crm_ui_frame service as SSL and activate the HTTPS service in ICM?
Or is it better to go via the second option (HTTPS termination) without changing the backend setup? SAP Online help lists steps to do the HTTPS termination but I have not come across any detailed documentation for the first method.
Any thoughts, suggestions will be helpful for either scenario.
Thanks,
Rommel BhanThanks Martin the document helped.
Now the web dispatcher seems to talk to the HTTPS port on the backend.
However there is one issue I see in the dev_webdisp and was wondering if you have an insight.
Based on webdispatcher parameters, its taling to ms_https_port 8533 of backend
[Thr 773] Mon Feb 15 15:03:35 2010
[Thr 773] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL
[Thr 773] SecudeSSL_SessionStart: SSL_connect() failed --
[Thr 773] secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"
[Thr 773] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 773] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed
[Thr 773] ERROR in af_verify_Certificates: (27/0x001b) Chain of certificates is incomplete : "CN=sapcms02.reinternal.com, OU=I0020210975, OU=SAP Web AS, O=SAP Trust Community, C=DE"
[Thr 773] ERROR in get_path: (27/0x001b) Found root certificate of <CN=sapcms02.reinternal.com, OU=I0020210975, OU=SAP Web AS, O=SAP Trust Community, C=DE> which does not fit the given PKRoot
[Thr 773] ERROR in verify_with_PKs: (27/0x001b) Found root certificate of <CN=sapcms02.reinternal.com, OU=I0020210975, OU=SAP Web AS, O=SAP Trust Community, C=DE> which does not fit the given PKRoot
[Thr 773] << -
End of Secude-SSL Errorstack -
[Thr 773] SSL_get_state() returned 0x00002131 "SSLv3 read server certificate B"
[Thr 773] SSL NI-sock: local=10.104.146.81:62579 peer=10.104.146.81:8533
[Thr 773] <<- ERROR: SapSSLSessionStart(sssl_hdl=110acb850)==SSSLERR_SSL_CONNECT
[Thr 773] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt.c 1911]
[Thr 773] *** ERROR => IcmConnClientRqCreate() failed (rc=-14) [icrxx_mt.c 5976]
[Thr 773] *** ERROR => Could not connect to SAP Message Server at sapcms02. URL=/msgserver/text/logon?version=1.2 [icrxx_mt.c 3289]
[Thr 773] *** ERROR => rc=-1, HTTP response code: 0 [icrxx_mt.c 3290]
[Thr 773] *** ERROR => see also SAP note 552286 [icrxx_mt.c 3291]
My backend is setup with SSL and web dispatcher is set to the following. Also since the backend and sapweb dispatcher are on the same host, using the same sidadm, the SSL stuff is on one location. I generated the SAPSSLS.pse in the backend using STRUST
Accessibility of Message Servers
rdisp/mshost = sapcms02
ms/http_port = 8100
ms/https_port = 8533
wdisp/server_info_protocol = https
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=ROUTER,PORT=60000
icm/server_port_1 = PROT=HTTPS,PORT=0
icm/server_port_2 = PROT=HTTP,PORT=8080 <-- web dispatcher admin port
#SSL parameters similar to one in backend
ssf/ssfapi_lib = /usr/sap/CMS/SYS/exe/run/libsapcrypto.o
sec/libsapsecu = /usr/sap/CMS/SYS/exe/run/libsapcrypto.o
ssf/name = SAPSECULIB
ssl/ssl_lib = /usr/sap/CMS/SYS/exe/run/libsapcrypto.o
ssl/server_pse=/usr/sap/CMS/DVEBMGS00/sec/SAPSSLS.pse
ssl/client_pse=/usr/sap/CMS/DVEBMGS00/sec/SAPSSLC.pse -
Hi,
We have EP 6.0 SP16 paltform on win2003/oracle.
We configured SSL, so we connect using https protocol.
We have two application servers for our portal platform.
For load balancing we use SAP Web Dispatcher.
we didn't configure SSL for the host where Web dispatcher resides. So we want web dispather to convert http requests to https.
For this purpose we used parameters
icm/server_port_0 = PROT=HTTP, PORT=8003
wdisp/ssl_encrypt = 2
as said in
http://help.sap.com/saphelp_nw04/helpdata/en/d8/a922d7f45f11d5996e00508b5d5211/frameset.htm
we get error:
Detail: no valid destination server available for '!ALL' rc=7
How can we solve this error ?
Best regardsHello ..,
By defining wdisp/ssl_encrypt = 2 in your pfl file is not enough. I'm assuming you ahve missed the following steps:-
1. Install the SAP Cryptographic Library on the SAP Web Dispatcher.
2. Set the profile parameters.
3. Create the SAP Web Dispatchers PSE(s) and certificate request(s).
4. Send the certificate request(s) to a CA to be signed.
5. Import the certificate request response(s) into the PSE.
6. Create credentials for the SAP Web Dispatcher.
7. Restart the SAP Web Dispatcher.
8. Test the connection.
You need to perform all the above mentioned steps for the SSL. Please refer this link:-
http://help.sap.com/saphelp_nw04/helpdata/en/39/09a63d7af20450e10000000a114084/frameset.htm
Regards
Vaib -
Web Dispatcher with SSL termination for EP
Hi All,
I want to configure SAP Web Dispatcher (installed on windows) for SSL
termination scenario. I did all the configuration steps, SSL Basic,
SSL termination steps without Metadata Exchange scenario.
But , when i am trying to access the portal using "<b>
https://<DispatcherHost>:<Port>/irj/portal</b>", its giving <b>page
can not be displayed</b> error
<i>This is how the profile file of the dispatcher looks like,</i>
profile file **************
Profile generated by sapwebdisp bootstrap
unique instance number
SAPSYSTEM = 2
Accessibility of Message Servers
rdisp/mshost = <portal server>
ms/http_port = 8101
SAP Web Dispatcher Parameter
wdisp/auto_refresh = 120
wdisp/max_servers = 100
wdisp/shm_attach_mode = 6
configuration for large scenario
icm/max_conn = 16384
icm/max_sockets = 16384
icm/req_queue_len = 6000
icm/min_threads = 100
icm/max_threads = 250
mpi/total_size_MB = 500
mpi/max_pipes = 21000
#maximum number of concurrent connections to one server
wdisp/HTTP/max_pooled_con = 2000
wdisp/HTTPS/max_pooled_con = 2000
SAP Web Dispatcher Ports
SAP Web Dispatcher Web Administration
icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=./admin
icm/server_port_0 = PROT=HTTPS,PORT=5000
icm/server_port_1 = PROT=HTTP,PORT=0
icm/HTTPS/verify_client = 0
DIR_INSTANCE=D:\SAP_SSL\secudir
ssl/ssl_lib=D:\SAP_SSL\secudir\sapcrypto.dll
sss/server_pse=D:\SAP_SSL\secudir\SAPSSL.pse
wdisp/ssl_encrypt = 0
wdisp/add_client_protocol_header = true
profile file **************
After modifying the profile file, restarting the dispatcher gives the
following information in the command prompt,
Information in command prompt *******
D:\SAP_SSL\sapwebdisp\sapwebdisp pf=sapwebdisp.pfl
**Warning: Could not start service 5000 for protocol HTTPS on host
<hostname>" <on all adapters>
*SAP Web Dispatcher up and operational <pid: 1700>*
Information in command prompt *******
What may be problem? Did i miss out any steps ?
Please help !
Regards,
SandipHi Sandip,
Please check this thread..
/thread/41459 [original link is broken]
cheers,
Prashanth
P.S : Please mark helpful answers -
Securing file download with standard web security and ssl
Hi,
I want to put some files for download in my webapp. At the same time, I want to protect these files using standard servlet security and ssl. So I added <security-constraint> in my web.xml and configured tomcat to allow SSL connection. Now I got the files protected as I expected. When I try to access the file directly from browser, tomcat shows me the login page. However, after correct login, I.E. pops up an error saying something like "Internet Explorer cannot download XXX from XXX. The file could not be written to the cache.". The log file showed the following exception:
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketException: Connection reset by peer: socket write error
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1154)
at com.sun.net.ssl.internal.ssl.AppInputStream.available(AppInputStream.java:40)
at org.apache.tomcat.util.net.TcpConnection.shutdownInput(TcpConnection.java:90)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:752)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.net.ssl.SSLException: java.net.SocketException: Connection reset by peer: socket write error
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1443)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1407)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
at org.apache.coyote.http11.InternalOutputBuffer.realWriteBytes(InternalOutputBuffer.java:747)
at org.apache.tomcat.util.buf.ByteChunk.flushBuffer(ByteChunk.java:403)
at org.apache.coyote.http11.InternalOutputBuffer.endRequest(InternalOutputBuffer.java:400)
at org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:961)
at org.apache.coyote.Response.action(Response.java:182)
at org.apache.coyote.Response.finish(Response.java:304)
at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:281)
at org.apache.catalina.connector.Response.finishResponse(Response.java:473)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:738)
... 4 more
Caused by: java.net.SocketException: Connection reset by peer: socket write error
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
at com.sun.net.ssl.internal.ssl.OutputRecord.writeBuffer(OutputRecord.java:283)
at com.sun.net.ssl.internal.ssl.OutputRecord.write(OutputRecord.java:272)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:663)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
... 15 more
I've tried separating concerns, for example protect files but not require SSL, and enable SSL but do not protect files. Both works respectively but not together. I also tried using a download4j's DownloadServlet. Still doesn't work.
Have any of you encouter the same situation? If so, could you enlight me what I did wrong? It maybe just a simple SSL configuration or something. Thanks in advance!
JackMy environment setup is:
JDK 1.5.01
Tomcat 5.5.7
For downloading files, I just use plain old <a href> method. I simply right-click the link and choose "save target as...".
Thanks,
Jack -
Hi,
Has anyone tried (and maybe succeeded) in accessing an
RPC-style Web Service deployed on WebLogic Server 6.1 using
SSL? I have a Web Service deployed and am able to access it using JNDI and the
weblogic.soap.http.SoapInitialContextFactory
INITIAL_CONTEXT_FACTORY. However, when I try to set the
Context.SECURITY_PROTOCOL to "ssl" and access the secure port,
I get a "java.net.SocketException: Unexpected end of file from
the server" error message.
Does the weblogic.soap.http.SoapInitialContextFactory not
support SSL? Do I need to do the SOAP/XML messaging myself,
without being able to make use of the WebLogic convenience
classes? Thanks! RobAlright!
Glad you got it working ;-)
Actually, the problem with the protocol being hardcoded to http in the wsdl.jsp,
is a bit strange. It's unusual that the BEA engineers that coded the wsgen component
and support classes, didn't use something like the following:
<soap:address location="<%= request.getScheme() + "://" + request.getServerName()
+ ":" + request.getServerPort() %>/security/examples/webservices/security/PhoneBookService"/>
I don't use wsgen too much, because I need to have more control over the J2EE
packaging. It (wsgen) is great for spitting out stuff, but not really setup for
doing Web service packaging that use classes (i.e. helper files, frameworks, etc.)
that it doesn't generate. I think they (BEA) might be looking into integrating
the Web Services assembly process with other tools like WebGain, Forte, etc. to
alleviate these types of issues.
Anyway, glad you got it working, so now you can help somebody else (time permitting,
of course) with this topic in the future!
Regards,
Mike Wooten
"Rob Nelson" <[email protected]> wrote:
>
Mike,
Thank you very much for your response! The next to
last sentence did it for me (when you mentioned checking
that the location attribute of the soap:address element
was set properly)! I noticed that when I viewed the WSDL
file via the browser (by clicking on the link in the
index.html page), I saw http://host:<unsecure_port> when
I requested it over the unsecure port, but I saw
http://host:<secure_port> when I requested the WSDL over
the secure port. Notice it did not say https!
So, I unjarred the EAR file that was generated by my
wsgen task, and then unjarred the generated WAR file
contained therein. When I looked at wsdl.jsp, I noticed
that "http" was hard-coded in the location attribute, but
that the host name and port number were dynamically
generated. So I added a scriplet to dynamically place an
"s" after "http" (if request.isSecure()) and rejarred up
the WAR and EAR files.
Now when I deployed the EAR file, I see "https" when
I request the WSDL over the secure port, and my client
(actually your client;) works! Awesome! I really appreciate
your help! Now my only issue is why did the wsdl.jsp have
"http" hard-coded, not accounting for secure requests.
These files were generated by the WSGEN task in ANT.
I figure it's either: I have a configuration problem,
I have a problem with my ANT build script, my version of
WebLogic Server (6.1 w/SP1 built 9/18/2001) has a bug, or
maybe you just have to manually go in and modify the wsdl.jsp
file if you want to use https :(. Please let me know if
you have any insight on this, and I will also follow up
with WebLogic support. Thanks again! Rob
"Michael Wooten" <[email protected]> wrote:
Hi Rob,
I am absolutely sure the code I posted works, so we need to approach
this from
a different angle ;-)
First, I know why the Context.SECURITY_PROTOCOL approach doesn't works.
It's because
the namespace in the Web Services code examples is not the same oneas
the one
used for RMI objects, EJBs, JDBC Data Sources, etc. For those objects,
the Context.PROVIDER_URL
is something like "t3://localhost:7001", and the INITIAL_CONTEXT_FACTORY
is "weblogic.jndi.WLInitialContextFactory".
The one being used with WebLogic Web Services, is mainly just functioning
as a
mechanism for manufacturing WebServiceProxy objects, because it is a
non-instanciable!
It does this by using a subclass of javax.naming.Context called SOAPContext,
which
is completely hidden from you, but also doesn't do much except implement
the lookup()
method. The implementation of this method ignores the Context.SECURITY_URL
property,
but it does pay attention to the "java.naming.security.principal" and
"java.naming.security.credentials"
properties. You don't need these properties for SSL, just Basic Authentication.
Enough about that, though. The service end-point is a servlet right?
So this means
it has a URL that begins with http or https, which in turn means the
WebLogic
servlet engine gets the SOAP request and sends it to the StatelessSessionAdapter
servlet. To WLS, this is just like any other HTTP/HTTPS request sent
to it ;-)
There is no special "SOAP-related" HTTP/HTTPS handler in WLS, but the
SSL challenge
dance still happens. So my first question is, are you sure you havethe
HTTPS
attributes set properly in the WebLogic console. SSL/HTTPS should be
enabled and
the "Hostname Verification Ignored" checkbox should be checked. Next,
are you
sure the URL assigned to the location attribute of the <service> element
in the
WSDL is correct (i.e. https://localhost:7002)? Are you using the "dynamic
client"
approach?
Regards,
Mike Wooten
"Rob Nelson" <[email protected]> wrote:
Mike,
Thanks for your response. I downloaded the code example that
you
posted
last week, as well as the code example that you posted in October for
a similar
request (BEA Support pointed me towards that). Unfortunately, I still
can't get
the Web Service to respond to the client request when the client uses
the HTTPS
port for the WebLogic Server.
I tried two different client approaches. The first uses the client
code
that you posted in October, the WebServiceProxy approach. The second
approach
is based on the example in the WebLogic documentation, which uses the
weblogic.soap.SoapInitialContextFactory
class with the javax.naming.Context object to perform a lookup on the
service
(which closely resembles rmi without the narrowing).
Both client classes fail to invoke the the service itself viaHTTPS
(although
they both work when making HTTP requests to the unsecure port). However,
when
I run the client based on the client class that you posted in October
and make
an HTTPS request, I can see in the output where it is able to download
the WSDL
file and use it (via the WebServiceProxy) to describe the availablemethods
for
the associated Web Service. It is only when the actual invoke() method
is called
on the SoapMethod object (which in turn sends the XML request to the
Web Service
Servlet), that the server doesn't respond, and the client fails with
an UnexpectedEndOfFileException
(i.e. no response).
So, do you know why the servlet that the RPC-style Web Serviceuses
to handle
requests would not respond to HTTPS requests, when it processes HTTP
requests
without a problem (using the same client code that fails with the HTTPS
request)?
I am using WebLogic Server 6.1 w/SP1 on a Solaris 8 platform. Thanks
for any
advice you can give me! Rob
"Michael Wooten" <[email protected]> wrote:
Hi Rob,
Check out the attached zip for "insights" into how to do this. It
contains
the
code for two Web service "consumers" (that the new fangled word fora
"client")
and the web.xml and weblogic.xml for the RPC-style Web Service, that
they consume.
Hope this helps,
Mike Wooten
"Rob Nelson" <[email protected]> wrote:
Hi,
Has anyone tried (and maybe succeeded) in accessing an
RPC-style Web Service deployed on WebLogic Server 6.1 using
SSL? I have a Web Service deployed and am able to access it using
JNDI
and the
weblogic.soap.http.SoapInitialContextFactory
INITIAL_CONTEXT_FACTORY. However, when I try to set the
Context.SECURITY_PROTOCOL to "ssl" and access the secure port,
I get a "java.net.SocketException: Unexpected end of file from
the server" error message.
Does the weblogic.soap.http.SoapInitialContextFactory not
support SSL? Do I need to do the SOAP/XML messaging myself,
without being able to make use of the WebLogic convenience
classes? Thanks! Rob
Maybe you are looking for
-
My iPad won't open, my screen is black even if I use the open/close reset botton???
-
Hi all, May i know how to load the files from a folder into a JComboBox. How can i refresh the items everytime the comboBox is clicked?
-
Hi, We are currently managing our FI6248s CLI and UCS via the out-of-band managment interfaces on the FIs. Does anyone know if the FI6248s can be managed in-band over the 1/10GBe connections? Thanks,
-
Microsoft Office Documents Not Printing in Complete PDF Books
Good afternoon all - Our users load Word documents and Excel documents into Workspace, then add them to reporting books. When they run these books in Complete Book in PDF view, the Office documents do not show up. They show up in every other view. Or
-
I am trying to update from the desktop, CC which says update PS CC. Tells me to close PS ( It is closed). Then it tells me to close CC. I am going around and around getting no where. HELP!