Hi !
I'm able to access my xs Engine using https://hana host:4310
I need to get this working using a Web Dispatcher HTTPS port.
I'm able to access http://<WD host>:<WD port for HANA> just fine...but when I try to change HTTP to HTTPS in the WD profile, it fails with the below error:
Checking external server https://Hana host:4310...[Thr 140069963814752] *** ERROR during SecuSSL_SessionStart() from SSL_connnect()==SSL_ERROR_SSL
[Thr 140069963814752] session uses PSE file "/usr/sap/WED/W02/sec/SAPSSLA.pse"
[Thr 140069963814752] SecuSSL_SessionStart: SSL_connnect() failed (536872221/0x2000051d)
[Thr 140069963814752] => "SSL API error"
[Thr 140069963814752] >> ---------- Begin of Secu-SSL Errorstack ---------- >>
[Thr 140069963814752] 0x2000051d | SAPCRYPTOLIB | SSL_connect
[Thr 140069963814752] SSL API error
[Thr 140069963814752] Failed to verify peer certificate. Peer not trusted.
[Thr 140069963814752] 0xa0600203 | SSL | ssl_verify_peer_certificates
[Thr 140069963814752] Peer not trusted
[Thr 140069963814752] 0xa0600297 | SSL | ssl_cert_checker_verify_certificates
[Thr 140069963814752] peer certificate (chain) is not trusted
[Thr 140069963814752] Verification result:
[Thr 140069963814752] Status :Not successful
[Thr 140069963814752] Profile :1.3.6.1.4.1.694.2.2.2.2
[Thr 140069963814752] DirectlyTrusted:Not successful
[Thr 140069963814752] << ---------- End of Secu-SSL Errorstack ----------
[Thr 140069963814752] SSL_get_state()==0x2131 "SSLv3 read server certificate B"
[Thr 140069963814752] SSL NI-hdl 6: local=xyz:51952 peer=xyz:4310
[Thr 140069963814752] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x1dec450)==SSSLERR_PEER_CERT_UNTRUSTED
[Thr 140069963814752] *** ERROR => IcrConnOpen: SapSSLSessionStart failed (-102): SSSLERR_PEER_CERT_UNTRUSTED [icxxcheckcon 2700]
ERROR: Connection to server HANA host:4310 failed
My WD profile looks as below:
icm/server_port_2 = PROT=HTTPS,HOST=HANA host,PORT=8099,TIMEOUT=900,PROCTIMEOUT=900
wdisp/system_2 = SID=HANA SID, EXTSRV=https://HANA host:4310, SRCSRV=*:8099, SRCURL=/
When the items in bold are made HTTP, I can access http://WD host:8099 for the xs engine just fine.
For HTTPS in the WD profile, The browser says: 503 Service Unavailable
Do I need to import some certificate from HANA to the WD ?
HANA & WD lie on the same host.
Please help advise...
Thanks a lot !
saba.