21 Replies Latest reply: Feb 27, 2012 3:33 PM by Stefan Molzen RSS

Web Dispatcher configuration issue - cascade and ssl

Bernd Speckmann
Currently Being Moderated

Hi there,

we want to access our SAP systems from our internal LAN and from the internet. For this I want to configure some Web Dispatchers.

The following scenario:

 

===DMZ ===

 

Web Dispatcher W00 (internet access)

 

== internal LAN ===

 

Web Dispatcher W01 (for system X)

Web Dispatcher W02 (for system Y)

Internal users should access system X or Y through W01 or W02. Internet user should access both systems through W00. AFAIK I have to configure a cascade of Web Dispatchers. I am using Web Dispatcher 7.2 and installed them with SAPInst.

 

For this I have the following configuration files:

 

====WD00===  WD0_W00_sapweb.pfl

 

SAPSYSTEMNAME = WD0

SAPGLOBALHOST = sapweb

SAPSYSTEM = 00

INSTANCE_NAME = W00

DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64

DIR_EXECUTABLE = $(DIR_CT_RUN)

DIR_PROFILE = $(DIR_INSTALL)\profile

PF = $(DIRPROFILE)\WD0_W00_sapweb

SETENV_00 = PATH=$(DIR_EXECUTABLE);%PATH%

wdisp/server_info_location = file://$(DIR_PROFILE)/info.icr

wdisp/group_info_location = file://$(DIR_PROFILE)/icrgroups.txt

wdisp/url_map_location = file://$(DIR_PROFILE)/urlinfo.txt

icm/max_conn = 500

icm/max_sockets = 1024

icm/req_queue_len = 500

icm/min_threads = 10

icm/max_threads = 50

mpi/total_size_MB = 80

icm/server_port_0 = PROT=HTTP,PORT=81$$

WD = $(DIREXECUTABLE)\sapwebdisp$(FT_EXE)

Start_Program_00 = local $(_WD) pf=$(_PF)

SETENV_01 = SECUDIR=$(DIR_INSTANCE)/sec

ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)

sec/libsapsecu = $(ssl/ssl_lib)

ssf/ssfapi_lib = $(ssl/ssl_lib)

 

====WD00===  info.icr

 

version 1.0

WDINTERNAL WD1W01

HTTP WDINTERNAL 8101

DIAG WDINTERNAL 8101 DIA=2

 

WDINTERNAL WD2W02

HTTP WDINTERNAL 8102

DIAG WDINTERNAL 8102 DIA=2

 

====WD00===  icgroups.txt

 

version 1.0

WDINTERNAL WD1W01

WDINTERNAL WD2W02

 

SX1: WDINTERNAL WD1W01

SX2: WDINTERNAL WD2W02

 

====WD00=== urlinfo.txt

 

version 1.0

PREFIX=/sap/bc/&GROUP=SX1

PREFIX=/sap/public/&GROUP=SX2

 

When I want to connect, the dev_wdisp shows the following errors:

 

Thr 4636] Fri May 06 11:00:25 2011

[Thr 4636] *** ERROR => missing host name [ictxxroute_r 3611]

[Thr 4636] *** ERROR => syntax error in text description near line 2 [ictxxroute_r 4202]

[Thr 4636] *** ERROR => IcrUpdateServerPoolFromDescrString() failed 6 [icrxx.c 3892]

and

 

[Thr 4864] Fri May 06 11:35:22 2011

[Thr 4864] *** ERROR => no valid destination server available for 'SX1' rc=14 [http_route.c 3360] [Thr 4864] *** WARNING => redirect failed request to foreign destination '!ALL' [http_route.c 3384] [Thr 4864] *** WARNING => original destination was 'SX1' [http_route.c 3387] [Thr 4864] *** ERROR => no valid destination server available for '!ALL' rc=13 [http_route.c 3360]

[Thr 4864] *** WARNING => redirect failed request to foreign destination '!ALL' [http_route.c 3384]

[Thr 4864] *** WARNING => original destination was '!ALL' [http_route.c 3387]

[Thr 4864] *** ERROR => no valid destination server available for '!ALL' rc=13 [http_route.c 3360]

 

Can anybody help me to find the problem?

How can I configure SSL in this scenario?

Thanks a lot.

  • Re: Web Dispatcher configuration issue - cascade and ssl
    Sri M
    Currently Being Moderated

    1. edit the sapwebdisp profile using a editor, remove the SAPGLOBHOST and enter this value icm/host_name_full = W00 webdispatcher hostname

     

    2. I would go with SSL Termination at W00 level so input this parameter: wdisp/ssl_encrypt = 0

     

    3. W00 require a port to listen HTTPS connections, so put icm/server_port_1 = PROT=HTTPS, PORT=XXXX, TIMEOUT=15, PROCTIMEOUT=45

     

    Restart the webdispatcher.

     

    Let me know.

     

    Regards

    SM.

    • Re: Web Dispatcher configuration issue - cascade and ssl
      Bernd Speckmann
      Currently Being Moderated

      Hi,

      thanks for your answer. I tried it, but the problem still exists. Can anybody provide a complete working configuration?

       

      Thanks ahead,

      Bernd

      • Re: Web Dispatcher configuration issue - cascade and ssl
        Sri M
        Currently Being Moderated

        Paste the dev_webdisp here.

         

        Thanks

        SM

        • Re: Web Dispatcher configuration issue - cascade and ssl
          Bernd Speckmann
          Currently Being Moderated

           

          -


           

          trc file: "dev_webdisp", trc level: 1, release: "720"

          -


           

          sysno 00

          sid WD0

          systemid 562 (PC with Windows NT)

          relno 7200

          patchlevel 0

          patchno 24

          intno 20020600

          make multithreaded, Unicode, 64 bit, optimized

          profile C:\usr\sap\WD0\SYS\profile\WD0_W00_sapweb

          pid 4012

           

           

          [Thr 3140] Wed May 11 16:54:12 2011

          [Thr 3140] started security log to file ./dev_icm_sec

          [Thr 3140] SAP Web Dispatcher running on: sapweb.emgl.loc

          [Thr 3140] MtxInit: 30001 0 2

          [Thr 3140] ***LOG IM1=> IcmInit, Startup (SAP Web Dispatcher&sapweb.emgl.loc&4012&) [icxxrout.c 1871]

          [Thr 3140] IcmInit: listening to admin port: 65000

          [Thr 3140] MPI: dynamic quotas disabled.

          [Thr 3140] MPI init: pipes=4000 buffers=1279 reserved=383 quota=10%

          [Thr 3140] CCMS: AlInitGlobals : alert/use_sema_lock = TRUE.

          [Thr 3140] CCMS: Initalized shared memory of size 60000000 for monitoring segment.

          [Thr 3140] CCMS: Checking Downtime Configuration of Monitoring Segment.

          [Thr 3140] IcrCoreInitSessionTable: Session table initialized

          [Thr 4712] HttpExtractArchive: files from archive
          sapweb\sapmnt\WD0\SYS\exe\uc\NTAMD64/wdispadmin.SAR in directory C:/usr/sap/WD0/W00/data/icmandir are up to date

          [Thr 4712] HttpISubHandlerAdd: Added handler HttpAdminHandler(0000000001AC2F30), slot=0, flags=36869) for /sap/admin, active: 1, table 0000000001AC3370

          [Thr 4712] HttpISubHandlerAdd: Added handler HttpModHandler(0000000001AC37D0), slot=1, flags=12293) for /, active: 1, table 0000000001AC3370

          [Thr 4712] CsiInit(): Initializing the Content Scan Interface

          [Thr 4712] PC with Windows NT (mt,unicode,SAP_CHAR/size_t/void* = 16/64/64)

          [Thr 4712] CsiInit(): CSA_LIB = "
          sapweb\sapmnt\WD0\SYS\exe\uc\NTAMD64\sapcsa.dll"

          [Thr 4712] HttpISubHandlerAdd: Added handler HttpAuthHandler(0000000001AC3A70), slot=2, flags=12293) for /, active: 1, table 0000000001AC3370

          [Thr 4712] HttpISubHandlerAdd: Added handler HttpWebDispHandler(0000000001ACCCC0), slot=3, flags=1060869) for /, active: 1, table 0000000001AC3370

          [Thr 4712] Started service 8100 for protocol HTTP on host "sapweb.emgl.loc"(on all adapters) (processing timeout=60, keep_alive_timeout=60)

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 0

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 1

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 2

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 3

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 4

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 5

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 6

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 7

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 8

          [Thr 3140] IcmCreateWorkerThreads: created worker thread 9

          [Thr 4300] IcmWatchDogThread: watchdog started

          [Thr 1504] *** ERROR => missing host name [ictxxroute_r 3611]

          [Thr 1504] *** ERROR => syntax error in text description near line 2 [ictxxroute_r 4202]

          [Thr 1504] *** ERROR => IcrUpdateServerPoolFromDescrString() failed 6 [icrxx.c 3892]

           

          [Thr 3192] Wed May 11 16:54:38 2011

          [Thr 3192] *** ERROR => missing host name [ictxxroute_r 3611]

          [Thr 3192] *** ERROR => syntax error in text description near line 2 [ictxxroute_r 4202]

          [Thr 3192] *** ERROR => IcrUpdateServerPoolFromDescrString() failed 6 [icrxx.c 3892]

           

          [Thr 3496] Wed May 11 16:55:03 2011

          [Thr 3496] *** ERROR => missing host name [ictxxroute_r 3611]

          [Thr 3496] *** ERROR => syntax error in text description near line 2 [ictxxroute_r 4202]

          [Thr 3496] *** ERROR => IcrUpdateServerPoolFromDescrString() failed 6 [icrxx.c 3892]

           

          [Thr 4028] Wed May 11 16:55:09 2011

          [Thr 4028] *** ERROR => no valid destination server available for 'DE1' rc=14 [http_route.c 3360] [Thr 4028] *** WARNING => redirect failed request to foreign destination '!ALL' [http_route.c 3384] [Thr 4028] *** WARNING => original destination was 'DE1' [http_route.c 3387] [Thr 4028] *** ERROR => no valid destination server available for '!ALL' rc=13 [http_route.c 3360]

          [Thr 4028] *** WARNING => redirect failed request to foreign destination '!ALL' [http_route.c 3384]

          [Thr 4028] *** WARNING => original destination was '!ALL' [http_route.c 3387]

          [Thr 4028] *** ERROR => no valid destination server available for '!ALL' rc=13 [http_route.c 3360]

           

           

          Edited by: Bernd Speckmann on May 11, 2011 4:58 PM

Actions