X.509 client certificate not working through Reverse proxy
Dear expert,
We are working on fiori infrastructure. Our current scope is to enable X.509 authentication for both internet and intranet. However, the intranet scenario for X.509 authentication is working fine but internet is not, we got error message of "Base64 decoding of certificate failed". For landscape, the only difference between internet and intranet is we have apache reverse proxy in DMZ. We are using gateway as fron-end server, business suite and HANA in the back-end.
As X.509 authentication works fine under intranet scenario, we assume that the configuration for X.509 for both front-end and back-end are correct. With that assumption, the issue would exist in reverse proxy. We are using apache 2.4.7 with openssl 1.0.1e, but we have upgraded the openssl to the latest version 1.0.1h for SSL certificate generation. Below are the apache configuration for X.509.
Listen 1081
<VirtualHost *:1081>
SSLEngine on
SSLCertificateFile "D:/Apache24/conf/server.cer"
SSLCertificateKeyFile "D:/Apache24/conf/server.key"
SSLCertificateChainFile "D:/Apache24/conf/server-ca.cer"
SSLCACertificateFile "D:/Apache24/conf/client-ca.cer"
SSLVerifyClient optional
SSLVerifyDepth 10
SSLProxyEngine On
SSLProxyCACertificateFile "D:/Apache24/conf/internal-ca.cer"
SSLProxyMachineCertificateFile "D:/Apache24/conf/server.pem"
AllowEncodedSlashes On
ProxyPreserveHost on
RequestHeader unset Accept-Encoding
<Proxy *>
AddDefaultCharset Off
SSLRequireSSL
Order deny,allow
Allow from all
</Proxy>
RequestHeader set ClientProtocol https
RequestHeader set x-sap-webdisp-ap HTTPS=1081
RequestHeader set SSL_CLIENT_CERT ""
RequestHeader set SSL_CLIENT_S_DN ""
RequestHeader set SSL_CLIENT_I_DN ""
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
RequestHeader set SSL_CLIENT_I_DN "%{SSL_CLIENT_I_DN}s"
ProxyPass / https://ldcinxd.wdf.sap.corp:1081/ nocanon Keepalive=on
proxyPassReverse / https://ldcinxd.wdf.sap.corp:1081/
We are out of mind on how to resolve this issue. Please kindly help if you have any idea on it.
thanks,
Best regards,
Xian' an
Hi Samuli,
Really thanks for your reply.
Yes, we have tried your suggestion above in the apache configure file above, but when testing the HANA service, we got error message "Certificate could not be authenticated".
Yes, web dispatcher makes the X.509 authentication much easier as under intranet scenario, no DMZ between browser and web dispatcher. Client certificate pass through web dispatcher directly and it works perfectly this way. Not sure why it doesn' t work through apache reverse proxy.
Best regards,
Xian' an
Similar Messages
-
WebDynpro applications not working through Reverse Proxy
Hi All,
I have configured a Reverse Proxy using apache 2.2.4 and when i access my Portal (NW04s EP 7.0 SPS08) through reverse proxy i'm not able to display any webdynpro application (e.g. Identity Management). I'm getting Page can not be displayed. I think reverse proxy is not able to convert the request into absolute URLs.
If someone had the same problem,please let me know.
Regards
VaibI resolved the problem on my own by adding webdynpro directive to the httpd.conf.
Thanx
Vaib -
Site not working through Transparent Proxy
I have a site that will not load through transparent proxy at one of my buildings.
I have 2 buildings with same BM setup (3.9SP2 on NW6.5 SP7). At one location, I can not resolve a web site when running through transparent proxy.
At the other location, it works just fine.
Also, if I set the proxy to either BM server, the site loads without incident.
As another note, both locations use the same internal DNS server which is located in the building where transparent proxy works for this site.
What am I missing?
Any ideas as to what to try next is greatly appreciated.On 03/16/2010 03:26 PM, sjdimare wrote:
>
> Thanks for the reply. Both BM servers are using the same proxy.cfg file
> - Craig Johnson's - revision 30.
>
> I ran a lan trace on 2 separate PCs from the different networks.
>
> On the working network, you can see the DNS lookup in the wireshark
> log.
>
> In the network where it is not working, there is no DNS entry even
> showing that it is trying to resolve the domain name. Other sites are
> working just fine and you can see the DNS entry going to our internal
> DNS server.
>
> In the non-working segment, if I hard set the proxy, you see an HTTP
> entry going to the proxy server and resolving the domain in question.
>
> Very strange.
>
> Any new ideas are greatly appreciated.
>
> Steve D.
>
>
Then the pc failing has problem to resolve the entry. When you force the
browser, pc does not resolve anything, just send the url to bm and bm
resolve it. With TP, it is the PC who makes it. It could be that this pc
has already cached this site. But then you should see the reqesut goign
to the bm server. Without seeing the traces ( i do not understand your
there is no DNS entry even
showing that it is trying to resolve the domain name,) i can not comment
in more detail other that you've got a PC or network problem or dns
problem with this particular site, but not a bm.
if trace shows dns query from the pc and no answer, but is really
strange, do the same step but this time take a lan trace on the dns
server to confirm that request is received and what it does with it. -
HTTPS connection with client certificate not working in spartan
Spartan does not show certificate for the user to select
when I click the https link.
The certificates (taken from a smartcard) are indeed present in the user CertStore.
It works with IE 11 and Chrome.
Has somebody any suggestions ?
Thanks.in fact you are more using a reverse-proxy than a proxy since it is on the server part..
You have to put all the SSL server part on the reserve-proxy itself and not on the final RSS feed. Then, the reverse-proxy will authenticate your client and gets its certificate. After that, either this proxy will open a plain connection (no ssl) towards the RSS, or you can also open a ssl connection but this means you must create a client certificate for the proxy. It just depends on the security level you need, and I used this solution many times in professional hosting.
hope it helps ! -
SOAP Axis adapter_Encryption via Client Certificate not working
Dear Experts,
Could anyone please share the steps to enable encryption via client certificate in SOAP AXIS receiver adapter.
I am able to do the same using normal SOAP adapter but with AXIS framework the steps are not working.
I have come across few sdn links to configure axis framework for authentication using wsse security standard but this seems to be different as it requires user and password whereas with certificates we are not given any user/password.
Please provide some valuable inputs.
Thanks.Hi Shikha,
see the -
Advanced Usage Questions
8. How can I configure a channel to use the encryption and ....
of the FAQ attached to the note -
1039369 - FAQ XI Axis Adapter
Regards
Kenny -
Multiple Exchange accounts and client certificates not working...?
Hi all,
I have a problem with my company iPad's. I'm trying to configure 2 Exchange accounts with certificate based authentication on my iPad with the iPhone config utility. For that i have created 2 client certificates.
When I configure just 1 mailbox, does not matter which one of the 2, with the iPhone config util, it al works ok with client authentication.
When I configure 2 mailboxes, on the iPad, without client certificate authentication it al works ok.
When I configure 2 mailboxes with the 2 client certificates with the iPhone config util, both exchange accounts have the same mailbox. When I configure for example mailbox Jim and Harry with the corresponding certificates and I load it into the iPad. The exchange account of Jim has Jim his mailbox, but the exchange account of Harry also has the mailbox of Jim. And sometimes it is vice versa.....
Can anybody help me in this, we are using 4th gen iPad with MS Exchange ActiveSync 2003 SP2 en MS Forefront TMG with Kerberos delegation.
Please advice.
Cheers,
EddyHi Eddy,
I have the feeling that the SSL connection after being established is only using the first authenticated certificated to connect to the exchange server.
Have you had a look over this Microsoft page:
http://technet.microsoft.com/en-us/magazine/ff472472.aspx
Are you able to test 2 accounts on one pad in a test environment preferably with SSL inspection off?
Do you have any information in the Forefront logs of the users being authenticated from the iPad? Or is one user authenticated twice?
Cheers,
IhalpU -
B2B-51075 Missing signer certificate receiving AS2 through reverse proxy
We are setting up AS2 communication through B2B on 11.1.1.6.7, Our reverse proxy configuration in the DMZ looks as shown:
<Location /b2b/httpReceiver>
WebLogicHost internalsoa.domain
WebLogicPort 8001
WLLogFile /dmz/logs/wl-proxy.log
SetHandler weblogic-handler
</Location>
https://externaledi.domain/b2b/httpReceiver
-Dhttp.proxySet=true -Dhttp.proxyHost=externaledi.domain -Dhttp.proxyPort=443
When I go to the externally available URL, I receive the B2B Server is ready to accept HTTP messages from the Trading Partner message.
In the TRACE:32 logging, I see:
[2014-01-10T09:20:30.551-08:00] [soa_server1] [TRACE] [] [oracle.soa.b2b.engine] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: c8ec097869f74d35:75fef00f:14379dde17a:-8000-0000000000080c34,0] [SRC_CLASS: oracle.tip.b2b.system.DiagnosticService] [APP: soa-infra] [SRC_METHOD: synchedLog_J] Utility:getAllCertsFromWallet:Loaded Certs 5
[2014-01-10T09:20:30.553-08:00] [soa_server1] [ERROR] [] [oracle.soa.b2b.engine] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: c8ec097869f74d35:75fef00f:14379dde17a:-8000-0000000000080c34,0] [APP: soa-infra] java.lang.NullPointerException[[
at oracle.tip.b2b.packaging.SmimeSecureMessaging.verify(SmimeSecureMessaging.java:834)
at oracle.tip.b2b.packaging.mime.MimePackaging.processSignedMultipartMessage(MimePackaging.java:1080)
at oracle.tip.b2b.packaging.mime.MimePackaging.processMultipartMessage(MimePackaging.java:908)
at oracle.tip.b2b.packaging.mime.MimePackaging.processMessageContent(MimePackaging.java:865)
at oracle.tip.b2b.packaging.mime.MimePackaging.doUnpack(MimePackaging.java:780)
at oracle.tip.b2b.packaging.mime.MimePackaging.unpack(MimePackaging.java:670)
at oracle.tip.b2b.engine.Engine.processIncomingMessageImpl(Engine.java:1888)
at oracle.tip.b2b.engine.Engine.processIncomingMessage(Engine.java:1654)
at oracle.tip.b2b.transport.InterfaceListener.onMessageLocal(InterfaceListener.java:412)
at oracle.tip.b2b.transport.InterfaceListener.onMessage(InterfaceListener.java:220)
at oracle.tip.b2b.transport.basic.TransportServlet.doPost(TransportServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
java.lang.NullPointerException
at oracle.tip.b2b.packaging.SmimeSecureMessaging.verify(SmimeSecureMessaging.java:834)
at oracle.tip.b2b.packaging.mime.MimePackaging.processSignedMultipartMessage(MimePackaging.java:1080)
at oracle.tip.b2b.packaging.mime.MimePackaging.processMultipartMessage(MimePackaging.java:908)
at oracle.tip.b2b.packaging.mime.MimePackaging.processMessageContent(MimePackaging.java:865)
at oracle.tip.b2b.packaging.mime.MimePackaging.doUnpack(MimePackaging.java:780)
at oracle.tip.b2b.packaging.mime.MimePackaging.unpack(MimePackaging.java:670)
at oracle.tip.b2b.engine.Engine.processIncomingMessageImpl(Engine.java:1888)
at oracle.tip.b2b.engine.Engine.processIncomingMessage(Engine.java:1654)
at oracle.tip.b2b.transport.InterfaceListener.onMessageLocal(InterfaceListener.java:412)
at oracle.tip.b2b.transport.InterfaceListener.onMessage(InterfaceListener.java:220)
at oracle.tip.b2b.transport.basic.TransportServlet.doPost(TransportServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
[2014-01-10T09:20:30.553-08:00] [soa_server1] [TRACE] [] [oracle.soa.b2b.engine] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: c8ec097869f74d35:75fef00f:14379dde17a:-8000-0000000000080c34,0] [SRC_CLASS: oracle.tip.b2b.system.DiagnosticService] [APP: soa-infra] [SRC_METHOD: synchedLog_J] MimePackaging:processSignedMultipartMessage:Signature Verification failed
[2014-01-10T09:20:30.585-08:00] [soa_server1] [TRACE] [] [oracle.soa.b2b.engine] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: c8ec097869f74d35:75fef00f:14379dde17a:-8000-0000000000080c34,0] [SRC_CLASS: oracle.tip.b2b.system.DiagnosticService] [APP: soa-infra] [SRC_METHOD: synchedLog_J] Notification: notifyApp: payload = <Exception xmlns="http://integration.oracle.com/B2B/Exception" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">[[
<correlationId>null</correlationId>
<b2bMessageId>0A0A117A1437D2B5D520000017198417</b2bMessageId>
<errorCode>B2B-51075</errorCode>
<errorText>
<![CDATA[Missing signer certificate.
]]>
We used the following notes to guide the configuration:
http://blog.darwin-it.nl/2012/11/b2b11g-with-apache-20-as-forward-proxy.html
http://anuj-dwivedi.blogspot.sg/2010/10/enabling-ssl-on-oracle-b2b-11g.html
Has anyone gotten AS2 communication to work through a reverse proxy? We are not picking up any agreements or senders in the B2BConsole reports.
Thanks,
-MichaelIt turns out the trading partner provided the incorrect certificate. Once they sent a new certificate (must be the one they use for signing), everything worked.
-
Client certificate not working in E51 after FW upd...
In our company we have several E51 phones for using our mobile web services. In some cases we need to use client cetrificates for maximum security.
The situation is: with older firmware versions (100.x/200.x) the certificate and TLS handshakes are working fine, but after upgarding to the latest version (300.x) the browser starts complaining "The operation cannot be completed" when trying to open the https connection. The problem seems to occur in the handshake phase, so debugging and analyzing the problem is very difficult. It's notable that the certificate itself is valid (working with older fw) and is installed just fine. Some cert details: Type: X.509 Algorithm: SHA1RSA
Normal TLS connections without client certs work. The phones have been formatted and no backups have been restored after formatting, so the problem cannot be about old settings messing up the configuration.
Has any other had similar problems and have you been able to solve it somehow?I am also having this problem where the certificate dialog (Windows Security is usually the title) is never prompted to the user. I tried it on several computers which are all part of the domain. The same computers can also login on another ADFS, so I have
working certificates.
I just get a page where a text says I should select a certificate but I never get the dialog to do so.
Any updates on this issue? -
Does iTunes Producer work through a proxy?
I am trying to get iTunes Producer to work through our corporate proxies. I have opened up TCP 33001 and TCP 44001 like the documentation stated. From the proxy servers I am able to connect to these TCP ports as well as the required UDP ports that are listed in the documentation. However, as soon as I try to upload a book in iTunes Producer, it get an error.
Does iTunes Producer work in a corporate environment that uses a proxy? Or is it like APNS that will not work through a proxy?It seems that your office network is blocking the app. Maybe the old releases used a port not closed by your firewall but in the newer releases it uses another port which it is closed. That maybe explains the reason you cannot connect. You should contact your network administrator.
-
Using X.509 Client Certificates - SAP ABAP Webgui (SSL)
Hello,
current runs the integrated ITS (Webgui). We now want the smart card and have adapted to the configuration:
RZ10:
icm/server_port_0=PROT=HTTPS,PORT=1443,TIMEOUT=180
icm/HTTPS/verify_client=2
table USREXTID: C=DE,ST=xxx,L=xxx,O=xxx,OU=xxx,CN=xxx,emailAddress=xxx
smart card certification -> firefox 2.x and IE 7.x install.
SICF: Webgui Service -> Login with Client Certificate
The test (with IE or Firefox) was unsuccessful.
SMICM Trace:
[Thr 5708] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 5708] ERROR in ssl3_get_client_certificate: (536871698/0x20000312) the client did not send a certificate handshake message
[Thr 5708] << -
End of Secude-SSL Errorstack -
[Thr 5708] <<- ERROR: SapSSLSessionStart(sssl_hdl=003FFBC0)==SSSLERR_SSL_ACCEPT
[Thr 5708] ->> SapSSLErrorName(rc=-56)
[Thr 5708] <<- SapSSLErrorName()==SSSLERR_SSL_ACCEPT
[Thr 5708] *** ERROR => IcmConnInitServerSSL: SapSSLSessionStart returned (-56): SSSLERR_SSL_ACCEPT [icxxconn.c 1777]
[Thr 5708] ->> SapSSLSessionDone(&sssl_hdl=023BC640)
What should I do now?
Thanks, Silke
Full Trace:
sysno 02
sid RD1
systemid 560 (PC with Windows NT)
relno 7000
patchlevel 0
patchno 148
intno 20050900
make: multithreaded, ASCII, optimized
pid 5468
[Thr 5416] started security log to file dev_icm_sec
[Thr 5416] ICM running on: sdatu100.pvw.tu-darmstadt.de
[Thr 5416] MtxInit: 30001 0 2
[Thr 5416] IcmInit: listening to admin port: 65000
[Thr 5416] DpSysAdmExtCreate: ABAP is active
[Thr 5416] DpSysAdmExtCreate: VMC (JAVA VM in WP) is not active
[Thr 5416] DpShMCreate: sizeof(wp_adm) 13576 (1044)
[Thr 5416] DpShMCreate: sizeof(tm_adm) 36258120 (18120)
[Thr 5416] DpShMCreate: sizeof(wp_ca_adm) 18000 (60)
[Thr 5416] DpShMCreate: sizeof(appc_ca_adm) 6000 (60)
[Thr 5416] DpCommTableSize: max/headSize/ftSize/tableSize=2000/8/2112040/2112048
[Thr 5416] DpShMCreate: sizeof(comm_adm) 2112048 (1048)
[Thr 5416] DpSlockTableSize: max/headSize/ftSize/fiSize/tableSize=0/0/0/0/0
[Thr 5416] DpShMCreate: sizeof(slock_adm) 0 (96)
[Thr 5416] DpFileTableSize: max/headSize/ftSize/tableSize=0/0/0/0
[Thr 5416] DpShMCreate: sizeof(file_adm) 0 (72)
[Thr 5416] DpShMCreate: sizeof(vmc_adm) 0 (1296)
[Thr 5416] DpShMCreate: sizeof(wall_adm) (224040/329544/56/100)
[Thr 5416] DpShMCreate: sizeof(gw_adm) 48
[Thr 5416] DpShMCreate: SHM_DP_ADM_KEY (addr: 028C0040, size: 38968448)
[Thr 5416] DpShMCreate: allocated sys_adm at 028C0040
[Thr 5416] DpShMCreate: allocated wp_adm at 028C1B30
[Thr 5416] DpShMCreate: allocated tm_adm_list at 028C5038
[Thr 5416] DpShMCreate: allocated tm_adm at 028C5068
[Thr 5416] DpShMCreate: allocated wp_ca_adm at 04B591B0
[Thr 5416] DpShMCreate: allocated appc_ca_adm at 04B5D800
[Thr 5416] DpShMCreate: allocated comm_adm at 04B5EF70
[Thr 5416] DpShMCreate: system runs without slock table
[Thr 5416] DpShMCreate: system runs without file table
[Thr 5416] DpShMCreate: allocated vmc_adm_list at 04D629A0
[Thr 5416] DpShMCreate: allocated gw_adm at 04D629E0
[Thr 5416] DpShMCreate: system runs without vmc_adm
[Thr 5416] DpShMCreate: allocated ca_info at 04D62A10
[Thr 5096] IcmProxyWatchDog: proxy watchdog started
[Thr 5416] CCMS: AlInitGlobals : alert/use_sema_lock = TRUE.
[Thr 5416] IcmCreateWorkerThreads: created worker thread 0
[Thr 5416] IcmCreateWorkerThreads: created worker thread 1
[Thr 5416] IcmCreateWorkerThreads: created worker thread 2
[Thr 5416] IcmCreateWorkerThreads: created worker thread 3
[Thr 5416] IcmCreateWorkerThreads: created worker thread 4
[Thr 5416] IcmCreateWorkerThreads: created worker thread 5
[Thr 5416] IcmCreateWorkerThreads: created worker thread 6
[Thr 5416] IcmCreateWorkerThreads: created worker thread 7
[Thr 5416] IcmCreateWorkerThreads: created worker thread 8
[Thr 5416] IcmCreateWorkerThreads: created worker thread 9
[Thr 4352] IcmWatchDogThread: watchdog started
[Thr 5672] =================================================
[Thr 5672] = SSL Initialization on PC with Windows NT
[Thr 5672] = (700_REL,Mar 25 2008,mt,ascii,SAP_UC/size_t/void* = 8/32/32)
[Thr 5672] profile param "ssl/ssl_lib" = "D:\usr\sap\RD1\SYS\exe\run\sapcrypto.dll"
resulting Filename = "D:\usr\sap\RD1\SYS\exe\run\sapcrypto.dll"
[Thr 5672] = found SAPCRYPTOLIB 5.5.5C pl17 (Aug 18 2005) MT-safe
[Thr 5672] = current UserID: SDATU100\SAPServiceRD1
[Thr 5672] = found SECUDIR environment variable
[Thr 5672] = using SECUDIR=D:\usr\sap\RD1\DVEBMGS02\sec
[Thr 5672] = secudessl_Create_SSL_CTX(): PSE "D:\usr\sap\RD1\DVEBMGS02\sec\SAPSSLC.pse" not found,
[Thr 5672] = using PSE "D:\usr\sap\RD1\DVEBMGS02\sec\SAPSSLS.pse" as fallback
[Thr 5672] = secudessl_Create_SSL_CTX(): PSE "D:\usr\sap\RD1\DVEBMGS02\sec\SAPSSLA.pse" not found,
[Thr 5672] = using PSE "D:\usr\sap\RD1\DVEBMGS02\sec\SAPSSLS.pse" as fallback
[Thr 5672] ******** Warning ********
[Thr 5672] *** No SSL-client PSE "SAPSSLC.pse" available
[Thr 5672] *** -- this will probably limit SSL-client side connectivity
[Thr 5672] ********
[Thr 5672] = Success -- SapCryptoLib SSL ready!
[Thr 5672] =================================================
[Thr 5672] *** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject no
X.509 cert data will be removed from header [http_plg.c 720]
[Thr 5672] ISC: created 400 MB disk cache.
[Thr 5672] ISC: created 50 MB memory cache.
[Thr 5672] HttpSubHandlerAdd: Added handler HttpCacheHandler(slot=0, flags=12293) for /:0
[Thr 5672] HttpExtractArchive: files from archive D:\usr\sap\RD1\SYS\exe\run/icmadmin.SAR in directory D:/usr/sap/RD1/DVEBMGS02/
[Thr 5672] HttpSubHandlerAdd: Added handler HttpAdminHandler(slot=1, flags=4101) for /sap/admin:0
[Thr 5672] CsiInit(): Initializing the Content Scan Interface
[Thr 5672] PC with Windows NT (mt,ascii,SAP_CHAR/size_t/void* = 8/32/32)
[Thr 5672] CsiInit(): CSA_LIB = "D:\usr\sap\RD1\SYS\exe\run\sapcsa.dll"
[Thr 5672] HttpSubHandlerAdd: Added handler HttpAuthHandler(slot=2, flags=12293) for /:0
[Thr 5672] HttpSubHandlerAdd: Added handler HttpSAPR3Handler(slot=3, flags=1052677) for /:0
[Thr 5672] Started service 1443 for protocol HTTPS on host "sdatu100.pvw.tu-darmstadt.de"(on all adapters) (processing timeout=9
[Thr 5672] Started service 25000 for protocol SMTP on host "sdatu100.pvw.tu-darmstadt.de"(on all adapters) (processing timeout=8
[Thr 5672] Tue Jul 15 14:38:37 2008
[Thr 5672] *** WARNING => IcmNetCheck: NiAddrToHost(10.0.0.1) took 5 seconds [icxxman.c 4578]
[Thr 5672] *** WARNING => IcmNetCheck: 1 possible network problems detected - please check the network/DNS settings [icxxman.c
[Thr 3932] Tue Jul 15 14:39:32 2008
[Thr 3932] *** WARNING => IcmCallAllSchedules: Schedule func 1 already running - avoid recursion [icxxsched.c 430]
[Thr 5416] Tue Jul 15 14:40:23 2008
[Thr 5416] IcmSetParam: Switched trace level to: 3
[Thr 5416] *
[Thr 5416] * SWITCH TRC-LEVEL to 3
[Thr 5416] *
[Thr 5416] NiBufIAlloc: malloc ICM_EXT, to 80 bytes
[Thr 5416]
NiBufSend starting
[Thr 5416] NiIWrite: hdl 3 sent data (wrt=80,pac=1,MESG_IO)
[Thr 5416] SiSelNSelect: start select (timeout=-1)
[Thr 5416] SiSelNNext: sock 8088 selected (revt=r--)
[Thr 5416] NiBufISelProcess: hdl 9 process r-
[Thr 5416] NiBufIAlloc: malloc NIBUF-IN, to 72 bytes
[Thr 5416] NiIRead: hdl 9 received data (rcd=72,pac=1,MESG_IO)
[Thr 5416] NiBufIIn: NIBUF len=72
[Thr 5416] NiBufIIn: packet complete for hdl 9
[Thr 5416] NiBufISelUpdate: new MODE -- (r-) for hdl 9 in set0
[Thr 5416] SiSelNSet: set events of sock 8088 to: ---
[Thr 5416] NiBufISelUpdate: new STAT r-- (---) for hdl 9 in set0
[Thr 5416] NiSelIListInsert: add hdl 9 [17] to buf-list (0) of set0
[Thr 5416] NiSelISelectInt: 1 handles selected (1 buffered)
[Thr 5416] IcmMsgProcess: Receive data from partner: WP(2), wp_no: 1
[Thr 5416]
NiBufReceive starting
[Thr 5416] NiBufISelUpdate: new MODE r- (--) for hdl 9 in set0
[Thr 5416] SiSelNSet: set events of sock 8088 to: rp-
[Thr 5416] NiBufISelUpdate: new STAT - (r) for hdl 9 in set0
[Thr 5416] NiSelIListRemove: remove hdl 9 [17] from buf-list (1) of set0
[Thr 5416] IcmRecMsg: received 72 bytes
[Thr 5416] ============================================
[Thr 5416] | COM_DATA:
[Thr 5416] | Offset: 0 | Version: 7000
[Thr 5416] | MsgNo: 2 | Opcode: ICM_COM_OP_ICM_MONITOR (66)
[Thr 5416] ============================================
[Thr 5416] IcmHandleAdmMsg: op: 66
[Thr 5416] NiBufIAlloc: malloc NiBufadm, to 0 bytes
[Thr 5416] NiBufDup: ref 1 for buf 0252CE50
[Thr 5416] IcmQueueAppend: queuelen: 1
[Thr 5416] IcmCreateRequest: Appended request 13
[Thr 5416] NiBufIAlloc: malloc ICM_EXT, to 80 bytes
[Thr 5416]
NiBufSend starting
[Thr 4392] IcmWorkerThread: worker 3 got the semaphore
[Thr 4392] REQUEST:
Type: ADMMSG Index = 12
[Thr 4392] NiBufFree: ref 1 for buf 0252CE50
[Thr 5416] NiIWrite: hdl 9 sent data (wrt=80,pac=1,MESG_IO)
[Thr 4392] MPI<a>0#5 GetInbuf -1 138968 440 (1) -> 6
[Thr 4392] IcmHandleMonitorMessage: called with opcode: 100
[Thr 5416] SiSelNSelect: start select (timeout=-1)
[Thr 4392] MPI<9>1#4 GetOutbuf -1 1489a0 65536 (0) -> 05348A00 0
[Thr 4392] MPI<a>0#6 FreeInbuf#2 0 138968 0 -> 0
[Thr 4392] MPI<9>1#5 FlushOutbuf l-1 1 1 1489a0 1104 6 -> 053489E0 0
[Thr 4392] IcmWorkerThread: Thread 3: Waiting for event
[Thr 5416] SiSelNNext: sock 8088 selected (revt=r--)
[Thr 5416] NiBufISelProcess: hdl 9 process r-
[Thr 5416] NiBufIAlloc: malloc NIBUF-IN, to 72 bytes
[Thr 5416] NiIRead: hdl 9 received data (rcd=72,pac=1,MESG_IO)
[Thr 5416] NiBufIIn: NIBUF len=72
[Thr 5416] NiBufIIn: packet complete for hdl 9
[Thr 5416] NiBufISelUpdate: new MODE -- (r-) for hdl 9 in set0
[Thr 5416] SiSelNSet: set events of sock 8088 to: ---
[Thr 5416] NiBufISelUpdate: new STAT r-- (---) for hdl 9 in set0
[Thr 5416] NiSelIListInsert: add hdl 9 [17] to buf-list (0) of set0
[Thr 5416] NiSelISelectInt: 1 handles selected (1 buffered)
[Thr 5416] IcmMsgProcess: Receive data from partner: WP(2), wp_no: 1
[Thr 5416]
NiBufReceive starting
[Thr 5416] NiBufISelUpdate: new MODE r- (--) for hdl 9 in set0
[Thr 5416] SiSelNSet: set events of sock 8088 to: rp-
[Thr 5416] NiBufISelUpdate: new STAT - (r) for hdl 9 in set0
[Thr 5416] NiSelIListRemove: remove hdl 9 [17] from buf-list (1) of set0
[Thr 5416] IcmRecMsg: received 72 bytes
[Thr 5416] ============================================
[Thr 5416] | COM_DATA:
[Thr 5416] | Offset: 0 | Version: 7000
[Thr 5416] | MsgNo: 2 | Opcode: ICM_COM_OP_ICM_MONITOR (66)
[Thr 5416] ============================================
[Thr 5416] IcmHandleAdmMsg: op: 66
[Thr 5416] NiBufIAlloc: malloc NiBufadm, to 0 bytes
[Thr 5416] NiBufDup: ref 1 for buf 0252CE50
[Thr 5416] IcmQueueAppend: queuelen: 1
[Thr 5416] IcmCreateRequest: Appended request 14
[Thr 5416] NiBufIAlloc: malloc ICM_EXT, to 80 bytes
[Thr 5416]
NiBufSend starting
[Thr 5784] IcmWorkerThread: worker 4 got the semaphore
[Thr 5416] NiIWrite: hdl 9 sent data (wrt=80,pac=1,MESG_IO)
[Thr 5416] NiBufFree: ref 1 for buf 0252CE50
[Thr 5416] SiSelNSelect: start select (timeout=-1)
[Thr 5784] REQUEST:
Type: ADMMSG Index = 13
[Thr 5784] MPI<c>0#5 GetInbuf -1 1489a0 440 (1) -> 6
[Thr 5784] IcmHandleMonitorMessage: called with opcode: 100
[Thr 5784] MPI<b>1#4 GetOutbuf -1 138968 65536 (0) -> 053389C8 0
[Thr 5784] MPI<c>0#6 FreeInbuf#2 0 1489a0 0 -> 0
[Thr 5784] MPI<b>1#5 FlushOutbuf l-1 1 1 138968 1104 6 -> 053389A8 0
[Thr 5784] IcmWorkerThread: Thread 4: Waiting for event
[Thr 4352] Tue Jul 15 14:40:26 2008
[Thr 4352] NiSelISelectInt: 0 handles selected (0 buffered)
[Thr 4352] IcmWatchDogThread: check ni handles (timeout=10000)
[Thr 4352] SiSelNFCSelect: start select (timeout=10000)
[Thr 5416] Tue Jul 15 14:40:29 2008
[Thr 5416] SiSelNNext: sock 8160 selected (revt=r--)
[Thr 5416] NiSelIListInsert: add hdl 6 [3] to sel-list (0) of set0
[Thr 5416] NiSelISelectInt: 1 handles selected (0 buffered)
[Thr 5416] IcmExternalLogin: Connection request from Client received
[Thr 5416] NiIAccept: hdl 6 accepted connection
[Thr 5416] NiICreateHandle: hdl 8 state NI_INITIAL
[Thr 5416] NiIInitSocket: set default settings for hdl 8 / sock 8076 (I4; ST)
[Thr 5416] NiIBlockMode: set blockmode for hdl 8 FALSE
[Thr 5416] NiIAccept: state of hdl 8 NI_ACCEPTED
[Thr 5416] NiIAccept: hdl 6 accepted hdl 8 from 192.168.1.3:1305
[Thr 5416] NiIAccept: hdl 8 took local address 130.83.89.22:1443
[Thr 5416] IcmConnCheckStoredClientConn: next client timeout check in 3 sec
[Thr 5416] IcmServIncrRefCount: sdatu100.pvw.tu-darmstadt.de:1443 - serv_ref_count: 2
[Thr 5416] IcmQueueAppend: queuelen: 1
[Thr 5416] IcmCreateRequest: Appended request 15
[Thr 5416] IcmConnIntegrateServer: accepted connection from 192.168.1.3 on service 1443
[Thr 3932] IcmWorkerThread: worker 5 got the semaphore
[Thr 3932] REQUEST:
Type: ACCEPT CONNECTION Index = 14
[Thr 3932] CONNECTION (id=1/8):
used: 1, type: 1, role: 1, stateful: 0
NI_HDL: 8, protocol: HTTPS(2)
local host: 130.83.89.22:1443 ()
remote host: 192.168.1.3:1305 ()
status: NOP
connect time: 15.07.2008 14:40:29
MPI request: <0> MPI response: <0>
request_buf_size: 0 response_buf_size: 0
request_buf_used: 0 response_buf_used: 0
request_buf_offset: 0 response_buf_offset: 0
[Thr 5416] SiSelNSelect: start select (timeout=-1)
[Thr 3932] MPI:1 create pipe 052002C0 1
[Thr 3932] MPI<d>1#1 Open( ANONYMOUS 1 1 ) -> 1
[Thr 3932] MPI<d>1#2 Open( ANONYMOUS 1 0 ) -> 1
[Thr 3932] MPI:0 create pipe 05200180 1
[Thr 3932] MPI<e>0#1 Open( ANONYMOUS 0 0 ) -> 0
[Thr 3932] MPI<e>0#2 Open( ANONYMOUS 0 1 ) -> 0
[Thr 3932] ->> SapSSLSessionInit(&sssl_hdl=023BC640, role=2 (SERVER), auth_type=2 (REQUIRE_CLIENT_CERT))
[Thr 3932] <<- SapSSLSessionInit()==SAP_O_K
[Thr 3932] in: args = "role=2 (SERVER), auth_type=2 (REQUIRE_CLIENT_CERT)"
[Thr 3932] out: sssl_hdl = 003FFBC0
[Thr 3932] ->> SapSSLSetNiHdl(sssl_hdl=003FFBC0, ni_hdl=8)
[Thr 3932] NiIBlockMode: set blockmode for hdl 8 TRUE
[Thr 3932] SSL NI-sock: local=130.83.89.22:1443 peer=192.168.1.3:1305
[Thr 3932] <<- SapSSLSetNiHdl(sssl_hdl=003FFBC0, ni_hdl=8)==SAP_O_K
[Thr 3932] ->> SapSSLSessionStart(sssl_hdl=003FFBC0)
[Thr 3932] SapISSLServerCacheExpiration(): Calling ServerCacheCleanup() (lifetime=900)
[Thr 3932] SapISSLServerCacheExpiration(srv,"D:\usr\sap\RD1\DVEBMGS02\sec\SAPSSLS.pse"): Cache max/before/now = 5000/1/1
[Thr 5096] Tue Jul 15 14:40:32 2008
[Thr 5096] SiSelNSelect: of 1 sockets 0 selected
[Thr 5096] IcmProxyWatchDog: check sockets (timeout=10000)
[Thr 5096] SiSelNSelect: start select (timeout=10000)
[Thr 4352] Tue Jul 15 14:40:36 2008
[Thr 4352] NiSelISelectInt: 0 handles selected (0 buffered)
[Thr 4352] IcmCheckForBlockedThreads: check for blocked SSL-threads
[Thr 4352] IcmWatchDogThread: check ni handles (timeout=10000)
[Thr 4352] SiSelNFCSelect: start select (timeout=10000)
[Thr 5096] Tue Jul 15 14:40:42 2008
[Thr 5096] SiSelNSelect: of 1 sockets 0 selected
[Thr 5096] IcmProxyWatchDog: check sockets (timeout=10000)
[Thr 5096] SiSelNSelect: start select (timeout=10000)
[Thr 3932] Tue Jul 15 14:40:45 2008
[Thr 3932] peer has closed connection
[Thr 3932] <<- SapSSLSessionStart(sssl_hdl=003FFBC0)==SSSLERR_CONN_CLOSED
[Thr 3932] ->> SapSSLSessionDone(&sssl_hdl=023BC640)
[Thr 3932] <<- SapSSLSessionDone(sssl_hdl=003FFBC0)==SAP_O_K
[Thr 3932] NiICloseHandle: shutdown and close hdl 8 / sock 8076
[Thr 3932] MPI<d>1#3 Close( 1 ) del=0 -> 0
[Thr 3932] MPI<d>1#5 Delete( 1 ) -> 0
[Thr 3932] MPI<d>1#4 Close( 1 ) del=1 -> 0
[Thr 3932] MPI<e>0#3 Close( 0 ) del=0 -> 0
[Thr 3932] MPI<e>0#5 Delete( 0 ) -> 0
[Thr 3932] MPI<e>0#4 Close( 0 ) del=1 -> 0
[Thr 3932] IcmConnFreeContext: context 1 released
[Thr 3932] IcmServDecrRefCount: sdatu100.pvw.tu-darmstadt.de:1443 - serv_ref_count: 1
[Thr 3932] IcmWorkerThread: Thread 5: Waiting for event
[Thr 5416] SiSelNNext: sock 8160 selected (revt=r--)
[Thr 5416] NiSelIListInsert: add hdl 6 [3] to sel-list (0) of set0
[Thr 5416] NiSelISelectInt: 1 handles selected (0 buffered)
[Thr 5416] IcmExternalLogin: Connection request from Client received
[Thr 5416] NiIAccept: hdl 6 accepted connection
[Thr 5416] NiICreateHandle: hdl 8 state NI_INITIAL
[Thr 5416] NiIInitSocket: set default settings for hdl 8 / sock 8092 (I4; ST)
[Thr 5416] NiIBlockMode: set blockmode for hdl 8 FALSE
[Thr 5416] NiIAccept: state of hdl 8 NI_ACCEPTED
[Thr 5416] NiIAccept: hdl 6 accepted hdl 8 from 192.168.1.3:1309
[Thr 5416] NiIAccept: hdl 8 took local address 130.83.89.22:1443
[Thr 5416] IcmConnCheckStoredClientConn: check for client conn timeout
[Thr 5416] IcmConnCheckStoredClientConn: next client timeout check in 60 sec
[Thr 5416] IcmServIncrRefCount: sdatu100.pvw.tu-darmstadt.de:1443 - serv_ref_count: 2
[Thr 5416] IcmQueueAppend: queuelen: 1
[Thr 5416] IcmCreateRequest: Appended request 16
[Thr 5416] IcmConnIntegrateServer: accepted connection from 192.168.1.3 on service 1443
[Thr 5708] IcmWorkerThread: worker 6 got the semaphore
[Thr 5708] REQUEST:
Type: ACCEPT CONNECTION Index = 15
[Thr 5708] CONNECTION (id=1/9):
used: 1, type: 1, role: 1, stateful: 0
NI_HDL: 8, protocol: HTTPS(2)
local host: 130.83.89.22:1443 ()
remote host: 192.168.1.3:1309 ()
status: NOP
connect time: 15.07.2008 14:40:45
MPI request: <0> MPI response: <0>
request_buf_size: 0 response_buf_size: 0
request_buf_used: 0 response_buf_used: 0
request_buf_offset: 0 response_buf_offset: 0
[Thr 5416] SiSelNSelect: start select (timeout=-1)
[Thr 5708] MPI:0 create pipe 05200180 1
[Thr 5708] MPI<f>0#1 Open( ANONYMOUS 0 1 ) -> 0
[Thr 5708] MPI<f>0#2 Open( ANONYMOUS 0 0 ) -> 0
[Thr 5708] MPI:1 create pipe 052002C0 1
[Thr 5708] MPI<10>1#1 Open( ANONYMOUS 1 0 ) -> 1
[Thr 5708] MPI<10>1#2 Open( ANONYMOUS 1 1 ) -> 1
[Thr 5708] ->> SapSSLSessionInit(&sssl_hdl=023BC640, role=2 (SERVER), auth_type=2 (REQUIRE_CLIENT_CERT))
[Thr 5708] <<- SapSSLSessionInit()==SAP_O_K
[Thr 5708] in: args = "role=2 (SERVER), auth_type=2 (REQUIRE_CLIENT_CERT)"
[Thr 5708] out: sssl_hdl = 003FFBC0
[Thr 5708] ->> SapSSLSetNiHdl(sssl_hdl=003FFBC0, ni_hdl=8)
[Thr 5708] NiIBlockMode: set blockmode for hdl 8 TRUE
[Thr 5708] SSL NI-sock: local=130.83.89.22:1443 peer=192.168.1.3:1309
[Thr 5708] <<- SapSSLSetNiHdl(sssl_hdl=003FFBC0, ni_hdl=8)==SAP_O_K
[Thr 5708] ->> SapSSLSessionStart(sssl_hdl=003FFBC0)
[Thr 5708] NiIBlockMode: set blockmode for hdl 8 FALSE
[Thr 5708] NiIHdlGetStatus: hdl 8 / sock 8092 ok, data pending (len=1)
[Thr 5708] NiIBlockMode: set blockmode for hdl 8 TRUE
[Thr 5708] SSL_get_state() returned 0x00001181 "SSLv3 read client certificate B"
[Thr 5708] *** ERROR during SecudeSSL_SessionStart() from SSL_accept()==SSL_ERROR_SSL
[Thr 5708] SecudeSSL_SessionStart: SSL_accept() failed --
secude_error 536871698 (0x20000312) = "the client did not send a certificate handshake message for its authentication and we c
[Thr 5708] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 5708] ERROR in ssl3_get_client_certificate: (536871698/0x20000312) the client did not send a certificate handshake message
[Thr 5708] << -
End of Secude-SSL Errorstack -
[Thr 5708] <<- ERROR: SapSSLSessionStart(sssl_hdl=003FFBC0)==SSSLERR_SSL_ACCEPT
[Thr 5708] ->> SapSSLErrorName(rc=-56)
[Thr 5708] <<- SapSSLErrorName()==SSSLERR_SSL_ACCEPT
[Thr 5708] *** ERROR => IcmConnInitServerSSL: SapSSLSessionStart returned (-56): SSSLERR_SSL_ACCEPT [icxxconn.c 1777]
[Thr 5708] ->> SapSSLSessionDone(&sssl_hdl=023BC640)
[Thr 5708] <<- SapSSLSessionDone(sssl_hdl=003FFBC0)==SAP_O_K
[Thr 5708] NiICloseHandle: shutdown and close hdl 8 / sock 8092
[Thr 5708] MPI<f>0#3 Close( 0 ) del=0 -> 0
[Thr 5708] MPI<f>0#5 Delete( 0 ) -> 0
[Thr 5708] MPI<f>0#4 Close( 0 ) del=1 -> 0
[Thr 5708] MPI<10>1#3 Close( 1 ) del=0 -> 0
[Thr 5708] MPI<10>1#5 Delete( 1 ) -> 0
[Thr 5708] MPI<10>1#4 Close( 1 ) del=1 -> 0
[Thr 5708] IcmConnFreeContext: context 1 released
[Thr 5708] IcmServDecrRefCount: sdatu100.pvw.tu-darmstadt.de:1443 - serv_ref_count: 1
[Thr 5708] IcmWorkerThread: Thread 6: Waiting for event
[Thr 4352] Tue Jul 15 14:40:46 2008
[Thr 4352] NiSelISelectInt: 0 handles selected (0 buffered)
[Thr 4352] IcmQueueAppend: queuelen: 1
[Thr 4352] IcmCreateRequest: Appended request 17
[Thr 4352] IcmWatchDogThread: check ni handles (timeout=10000)
[Thr 4352] SiSelNFCSelect: start select (timeout=10000)
[Thr 4196] IcmWorkerThread: worker 7 got the semaphore
[Thr 4196] REQUEST:
Type: SCHEDULER Index = 16
[Thr 4196] IcmGetSchedule: found slot 0
[Thr 4196] IcmAlReportData: Reporting data to CCMS Alerting Infrastructure
[Thr 4196] NiIGetServNo: servicename '1443' = port 05.A3/1443
[Thr 4196] IcmConnCheckStoredClientConn: next client timeout check in 59 sec
[Thr 4196] NiIGetServNo: servicename '1443' = port 05.A3/1443
[Thr 4196] IcmGetServicePtr: new serv_ref_count: 2
[Thr 4196] PlugInHandleAdmMessage: request received:
[Thr 4196] PlugInHandleAdmMessage: opcode: 136, len: 272, dest_type: 2, subhdlkey: 262145
[Thr 4196] HttpSubHandlerCall: Call Handler: HttpCacheHandler, task=4, header_len=0
[Thr 4196] HttpCacheHandler: 4 0 006BBBC4 00000000
[Thr 4196] SCACHE: adm request received:
[Thr 4196] SCACHE: opcode: 136, len: 272, dest_type: 2, dest:
[Thr 4196] MTX_LOCK 3038 00ADEE88
[Thr 4196] MTX_UNLOCK 3051 00ADEE88
[Thr 4196] IctCmGetCacheInfo#5 -> 0
[Thr 4196] IcmNetBufWrapBuf: allocated netbuf: 00AD2B48, blocks used: 1
[Thr 4196] IcmNetBufWrapBuf: allocated netbuf: 00AD2B48
[Thr 4196] IcmNetBufFree: free netbuf: 00AD2B48 out of 1 used
[Thr 4196] IcmConnFreeContext: context 1 released
[Thr 4196] IcmServDecrRefCount: sdatu100.pvw.tu-darmstadt.de:1443 - serv_ref_count: 1
[Thr 4196] IcmGetSchedule: next schedule in 30 secs
[Thr 4196] IcmWorkerThread: Thread 7: Waiting for event
[Thr 5096] Tue Jul 15 14:40:52 2008
[Thr 5096] SiSelNSelect: of 1 sockets 0 selected
[Thr 5096] IcmProxyWatchDog: check sockets (timeout=10000)
[Thr 5096] SiSelNSelect: start select (timeout=10000)>
silke kubelka wrote:
> SMICM-Log:
>
*** No SSL-client PSE "SAPSSLC.pse" available
>
*** this will probably limit SSL-client side connectivity
>
> is this a problem?
Well, since you want to enable the certificate-based user authentication (where your ABAP server is in the role of the SSL server) this does not matter. But if you intend to use your NWAS ABAP as SSL client (for outbound https communication) then it will matter. To resolve this problem you simply create an SSL Client PSE using transaction STRUST.
Once you've managed to [configure your NWAS ABAP for SSL,|https://service.sap.com/sap/support/notes/510007] you should see (in the ICM trace) that a X.509 client certificate was received. If the certificate-based logon does not succeed, then it's most likely due to some mapping problems - those can be analysed by using the tracing approach described in [note 495911|https://service.sap.com/sap/support/notes/495911].
If you need assistance in enabling the X.509 client certificate authentication you should submit an inquiry to SAP (message component BC-SEC-LGN).
Best regards,
Wolfgang -
Certificate not works when deploy the store app package by powershell
I request a web service with a pfx certificate in windows store app, it works well, but after I create a package by VS2013, and
deploy the app with powershell, access web service failed, seems the certificate not works. Any hints, suggestion ? My code as below:
string certRawData = StringEncryptionHelper.Decrypt(ConfigurationLoader.ApplicationSettings.CertificateData.RawData);
string certPassword = StringEncryptionHelper.Decrypt(ConfigurationLoader.ApplicationSettings.CertificateData.Password);
await CertificateEnrollmentManager.ImportPfxDataAsync(certRawData,
certPassword,
ExportOption.Exportable,
KeyProtectionLevel.NoConsent,
InstallOptions.None,
ConfigurationLoader.ApplicationSettings.CertificateData.FriendlyName);
CertificateQuery certQuery = new CertificateQuery { FriendlyName = ConfigurationLoader.ApplicationSettings.CertificateData.FriendlyName };
IReadOnlyList<Windows.Security.Cryptography.Certificates.Certificate> certs = await CertificateStores.FindAllAsync(certQuery);
certificate = certs.FirstOrDefault();
var protolFilter = new HttpBaseProtocolFilter { ClientCertificate = certificate };
var client = new HttpClient(protolFilter);
HttpResponseMessage result = await client.GetAsync(requestUri);Hello Mosser lee,
As this issue is related to Development, it is recommended to post in the related MSDN forum.
The professionals there will be glad to help you.
https://social.msdn.microsoft.com/Forums/en-US/home
Thanks for your understanding.
Best regards,
Fangzhou CHEN
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
BPC 7.5 Admin Client Links Not Working
I am working in BPC 7.5 SP15 NW. I have recently upgraded to Windows 7 64-bit and now the links in the action pane in the desktop admin client are not working. The cursor does not change from the nornal pointer to the hand. That would indicate that the admin client is no longer recognizing them as links. The links work fine in the desktop Excel client. I am using 32-bit Excel 2010 with no other version of Office installed.
Has anyone heard of this behavior and how to correct for it?Hi Kannan,
i think this is a Osoft web site configuration issue, the error indicates that you have one duplicate section in the web site configuration file (web.config).
If you didn't alter the web.config file then the problem may occur because when you use framework 4.0, the machine config already has some of the sections defined that were used in previous ASP.NEt versions.
You should check which version of the MS Framework is configured for the application pool of the web site, change it to v2.
Let me know if this solves the issue. Or if you need more help to resolve it.
Kindest regards, -
IPod touch not working through USB in car
Does anyone know how to resolve an issue with the new IPod Touch 4th gen just purchased not working through car stereo. Have a new Toyota camry touring. You can hear sound when connected when you slide to unlock or go into an app the sound goes through the speakers fine but the radio face says loading and won't go any further, if you then try to go to the music screen it says connected so you can't get into the music to try to play. Has anyone else had this problem and resolved it. Not sure if the software of the radio can be upgraded to suit maybe at service?? Not really sure. Any help would be great
Have you contacted your auto dealer? Some users have reported problems with there car systems not worked with the latest iOS. I searched the iPod Touch forum for Toyota but did not find any previous posts concerning Toyota.
Have you tried resetting your iPod:
Press and hold the On/Off Sleep/Wake button and the Home
button at the same time for at least ten seconds, until the Apple logo appears. -
[solved] NFS client will not work correctly
I have all my $HOME on an NFS Server. So long I used suse and debian, now I want switch to arch but the nfs-client ist not working correctly:
I start "portmap nfslock nfsd netfs" over rc.conf. When I do a "rpcinfo -p <ip-arch-system>" I got the following
stefan:/home/stefan # rpcinfo -p 192.168.123.3
Program Vers Proto Port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 udp 32768 nlockmgr
100021 3 udp 32768 nlockmgr
100021 4 udp 32768 nlockmgr
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100021 1 tcp 48988 nlockmgr
100021 3 tcp 48988 nlockmgr
100021 4 tcp 48988 nlockmgr
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 3 udp 891 mountd
100005 3 tcp 894 mountd
As you see "status" is missing, so the statd is not running. It sould look like the result on my suse box:
stefan:/home/stefan # rpcinfo -p 192.168.123.2
Program Vers Proto Port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100021 1 udp 32768 nlockmgr
100021 3 udp 32768 nlockmgr
100021 4 udp 32768 nlockmgr
100024 1 tcp 35804 status
100021 1 tcp 35804 nlockmgr
100021 3 tcp 35804 nlockmgr
100021 4 tcp 35804 nlockmgr
There is the "status" line and so the statd is running.
How can I fix that problem, so that statd ist running on my arch box too?
Last edited by stka (2007-06-10 15:59:48)The Problem ist solved.
I use ldap for authentication. During the setup of the ldapclient I copied the nsswitch.ldap to nsswitch.conf. But the line for "hosts:" was:
hosts: dns ldap
but in my dns ist no localhost entry. After I changed this line to:
hosts: files dns ldap
everything was ok. The statd is now running and I can start to migrate to archlinux ;-) -
Printing on HP PSC 1200 not working through WIN XP
Hi! I have a windows PC which I have connected to an HP PSC 1200 printer. My other laptops can connect perfectly to the printer and print. I set up my Mac according to the instructions but I cannot print. In windows the que name is "Remote Downlevel Print" and it is immediately giving an error. I called apple care because my exact model wasn't there so they gave me a printer which used its same driver. I can print when I connect the printer to my USB on my MacBook Pro but it does not work through Windows. If anyone could provide me with some help that would be great. Thanks.
I have a similar problem-Canon Pixma ip4000 wired to Dell desktop running Win 98 2nd ed.---- Desktop is wired to Netgear. --- I can access internet with mac book pro but not print-I could print wirelessly with Toshiba laptop running Win xp-called apple help and spent 2 hours trying to fix but we both gave up-I wonder if I could run a cable from the printer to the netgear---unfortunately no USB interface on the netgear router --so I would have to find a cable that is either USB or parallel on one side and eithernet on the other-does anyone know if this world work? If not I could buy a printer router that just takes care of the printer wirelessly-anyone know of a good one?
Maybe you are looking for
-
Install error 11gR2 on Windows 2008 Server R2
Hello, I have a question about an installation error I received on Windows 2008 Server R2 while trying to install the 11g R2 on an test machine. I had downloaded both cd's and extracted them and copied the first cd into an new directory and then trie
-
Home PC Outlook to iPhone - help required...
I have a 3G iPhone and am running Windows Vista with Outlook (No Exchang). My outlook receives email from all my pop accounts and this is where I keep all my contacts and calendar events. I want to be able to perform over the air sync (not connect th
-
I'm basically out of storage in my phone, so when I went to manage my storage in my settings it says that my mail is taking up 5.5 MB but yet I'm not logged into any email account therefore I'm not sure how I would remove it
-
Can't re-install same version of Safari
Safari wasn't launching at all on Tiger 10.4.11, worked fine until now. Restarted computer, trashed the Safari prefs, etc. No go. I Trashed the app with AppDelete. Downloaded the same version 4.1 for tiger and dialogue box said that a newer version i
-
I have a excel file (data.xls). On the click of a button, I need to display this file to the user. How do I launch (open) the excel file from a Java application ?