SAP Knowledge Base Article - Preview

1892723 - Active Sockets of SSL Provider service shows blank/disappear after system restart /service restart in Visual Administrator

Symptom

  • You applied new SSL certificate or so, and then restart system -> "SSL Provider Service".
  • The Active Sockets of SSL Provider service shows blank or disappears when you click on "SSL Provider" service under Runtime tab.
    "Active Sockets" shows as blank without anything as following:
  • VA-SSL.jpg
  • Meanwhile, you will find below exception in defaulttrace.trc:

    #com.sap.engine.services.ssl##com.sap.engine.services.ssl#######SAPEngine_System_Thread[impl:6]_62##0#0#Error#1#/System/Security/SSL#Java###Source: com.sap.engine.services.
    keystore.exceptions.BaseRemoteException: Remote call errored;
    Description: SSL server identity keystore view not found;
    Consequences: SSL transport protocol not available;
    Countermeasures:create keystore view "service_ssl" with at least one private key entry, restart the SSL service##

    #1.5##E41F134EBB28000C000000090088000E000495DB7F3496A8#1290669871370#com.sap.engine.services.ssl##com.sap.engine.services.ssl#######SAPEngine_System_Thread[impl:6]_62##0#0#Error##Java###SSL server
    identity keystore view not found
    [EXCEPTION]
     {0}#1#com.sap.engine.services.keystore.exceptions.BaseRemoteException:
     Remote call errored

    Caused by: java.security.KeyStoreException: Cannot get root keystore view configuration: A configuration with the path "keystore" does not exist.
  • If you further use DiagTool (Note#1019634) and you are able to find below error information within Diag tool trace:

    -----------------------------------------------------------------------
       Checking SSL server socket # [node: 3340500, type: p4, port: 50006]
    ....
     Missing keystore entry [service_ssl : ssl-credentials] set as server
    credentials.
       SSL server socket# [node: 3340500, type: p4, port: 50006] NOT OK.

   Checking SSL server socket # [node: 3340500, type: iiop, port:
50003] ....
 Missing keystore entry [service_ssl : ssl-credentials] set as server
credentials.
   SSL server socket# [node: 3340500, type: iiop, port: 50003] NOT OK.

   Checking SSL server socket # [node: 3340500, type: http, port:
50001] ....
 Missing keystore entry [service_ssl : PSPSSL] set as server
credentials.
   SSL server socket# [node: 3340500, type: http, port: 50001] NOT OK.
-----------------------------------------------------------------------


Read more...

Environment

SAP NetWeaver 7.0X

Product

SAP NetWeaver 7.0 ; SAP enhancement package 1 for SAP NetWeaver 7.0 ; SAP enhancement package 2 for SAP NetWeaver 7.0 ; SAP enhancement package 3 for SAP NetWeaver 7.0

Keywords

active sockets, active sockets blank, default value, ssl provider, service, visual administrator, VA, http provider, key storage, dispatcher, server node, Configuration Adapter, 50001, 5<XX>01 port, service_ssl, ssl, socketConfiguration.propeties, https not working , KBA , BC-JAS-SEC , Security, User Management , BC-JAS-ADM-ADM , Administration , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.