[ web browser com certificado X.509 ] <-> [ Web Dispatcher ] <-> [ WebAS Java ]
[ web browser com certificado X.509 ] <-> [ WebAS Java ]
[ web browser com certificado X.509 ] <-> [ Web Dispatcher ] <-> [ WebAS ABAP ]
[ web browser com certificado X.509 ] <-> [ WebAS ABAP ]
“...
N dy_signi_ext: X.509 client certificate logon with ticket request
M SapSecuInit: libsapsecu loaded from >C:\usr\sap\SID\DVEBMGS00\exe\sapcrypto.dll<
M SapSecuInit(): set_secudir("C:\usr\sap\SID\DVEBMGS00\sec")==0 OK
N CertGetInfo: Subject-Name >CN=xyz, O=empresa, C=BR<
N CertGetInfo: Issuer-Name >CN=CAempresa, O=empresa, C=BR<
N lookup USREXTID for certificate mapping information
N GetUsrExtId: search for <DN, "CN=xyz, O=empresa..."> in client nnn for user ""
N GetUsrExtId: found matching user >xyz< in client nnn
N CheckX509CertIssuer: check skipped
N GetUsrExtId: 1 matching USREXTID entries found
N iSignSncServerLogin: client/user/lang/access/auth :nnn/xyz /E/H/X
N iSignSncServerLogin: check for SSL requirement not required - done by ICman
N DyISigni: client=nnn, user=xyz , lang=E, access=H, auth=X
N usrexist: effective authentification method: X.509 client certificate
N Get_RefUser(nnn,xyz) =>
N password logon is generally enabled (default)
N productive password is still valid (expiration period=0 / days gone=0)
N password change not required (expiration period=0 / days gone=582)
N save user time zone = >BRAZIL< into spa
N DyISignR: return code=0 (see note 320991)
“...
[Thr 2044] ->> SapSSLSessionInit(&sssl_hdl=0000000002E0C750, role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT))
[Thr 2044] <<- SapSSLSessionInit()==SAP_O_K
[Thr 2044] in: args = "role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT)"
[Thr 2044] out: sssl_hdl = 0000000002F2FA50
[Thr 2044] ->> SapSSLSetNiHdl(sssl_hdl=0000000002F2FA50, ni_hdl=115)
[Thr 2044] NiIBlockMode: set blockmode for hdl 115 TRUE
[Thr 2044] SSL NI-sock: local=aaa.bbb.ccc.ddd:10000 peer=aaa.bbb.ccc.eee:53379
[Thr 2044] <<- SapSSLSetNiHdl(sssl_hdl=0000000002F2FA50, ni_hdl=115)==SAP_O_K
[Thr 2044] ->> SapSSLSessionStart(sssl_hdl=0000000002F2FA50)
...
[Thr 2044] No Client Certificate
[Thr 2044] New session (TLSv1.0)
“...
C:\<SECUDIR>\>date
The current date is: dd/mm/yyyy
Enter the new date: (dd-mm-yy)
C:\<SECUDIR>\>sapgenpse get_my_name -p SAPSSLS.pse
Subject : CN=webdispatcher.foo.bar, OU=SAP Labs Latin America,...
Issuer : CN=CA...
Serialno: ...
KeyInfo : RSA, 2048-bit
Validity - NotBefore: Dds Mes dd hh:mm:ss 201x (...)
NotAfter: Dds Mes dd hh:mm:ss 201x (...)
“...
C:\<SECUDIR>\>sapgenpse maintain_pk -l -p SAPSSLS.pse
maintain_pk for PSE "C:\<SECUDIR>\SAPSSLS.pse"
PKList is empty.
“...
C:\<SECUDIR>\>sapgenpse maintain_pk -a SSO_CA.cer -p SAPSSLS.pse
maintain_pk for PSE "C:\<SECUDIR>\SAPSSLS.pse"
Subject : CN=CAempresa, O=empresa, C=BR
PKList updated (1 entries total, 1 newly added)
“...
[Thr 7760] ->> SapSSLSessionInit(&sssl_hdl=0000000002C2C680, role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT))
[Thr 7760] <<- SapSSLSessionInit()==SAP_O_K
[Thr 7760] in: args = "role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT)"
[Thr 7760] out: sssl_hdl = 0000000002D4F9D0
[Thr 7760] ->> SapSSLSetNiHdl(sssl_hdl=0000000002D4F9D0, ni_hdl=133)
[Thr 7760] NiIBlockMode: set blockmode for hdl 133 TRUE
[Thr 7760] SSL NI-sock: local=aaa.bbb.ccc.ddd:10000 peer=aaa.bbb.ccc.eee:54295
...
[Thr 7760] Base64-Dump of peer certificate (len=680 bytes)
[Thr 7760]
[Thr 7760] -----BEGIN CERTIFICATE-----
...
[Thr 7760] -----END CERTIFICATE-----
[Thr 7760] Subject DN: CN=xyz, O=empresa, C=BR
[Thr 7760] Issuer DN: CN=CAempresa, O=empresa, C=BR
[Thr 7760] Current Cipher: TLS_RSA_WITH_AES128_CBC_SHA
[Thr 7760] <<- SapSSLSessionStart(sssl_hdl=0000000002D4F9D0)==SAP_O_K
[Thr 7760] status = "new SSL session, received client cert"
[Thr 7760] Client DN = "CN=xyz, O=empresa, C=BR"
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
13 | |
11 | |
11 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
5 |