Symptom
When trying to access a system through an SAP Web Dispatcher, a "service not available" message is returned.
If the system is hosted on SAP HEC environment, the message can also be similar to the following:
Our service is not available at the moment. Please try again later.
We apologize for the trouble caused.
The dev_webdisp trace file has the following entries written repeatedly:
(...)
[Thr 139626725730048] *** WARNING => Failed to read group info for system [SID of backend system] (ABAP,HTTPS): Connection request to partner failed(-20) [icrxx.c 3745]
[Thr 139626725730048] SSL_get_state()==0x2131 "TLS read server certificate B"
[Thr 139626725730048] *** ERROR during secussl_read() from SSL_read()==SSL_ERROR_SSL
[Thr 139626725730048] cli SSL session PSE "/usr/sap/[SID of Web Disp.]/[Web Disp. Instance name]/sec/SAPSSLC.pse"
[Thr 139626725730048] session ciphersuites=150:PFS:HIGH::EC_P256:EC_HIGH
[Thr 139626725730048] Client SSL_CTX 7efd5c08a130 pvflags=896 (TLSv1.2,TLSv1.1,TLSv1.0)
[Thr 139626725730048] TLSextSNI server_name="[hostname of backend system]"
[Thr 139626725730048] secussl_read: SSL_read() failed (536872221/0x2000051d)
[Thr 139626725730048] => "Failed to verify peer certificate. Peer not trusted."
(...)
When accessing the Web Dispatcher Web Admin UI, the application servers of the backend have a red triangle with the message "server is not reachable: SSSLERR_CLIENT_CERT_UNTRUSTED":
The message can also be "Server is not reachable: SSL peer certificate untrusted".
Read more...
Environment
- SAP NetWeaver
- ABAP Platform
- SAP Web Dispatcher
Product
Keywords
503, 503 Service not available , KBA , BC-CST-WDP , Web Dispatcher , BC-CST , Client/Server Technology , BC-SEC-SSL , Secure Sockets Layer Protocol , XX-HST-OPR , Technical Operations , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.