Symptom
Accessing a system through the SAP Web Dispatcher stops working suddenly.
The SAP Web Dispatcher trace file (dev_webdisp) logs the following error:
[Thr nnn] [date and time]
[Thr nnn] SSL_get_state()==0x2171 "TLS write client certificate B"
[Thr nnn] *** ERROR during secussl_read() from SSL_read()==SSL_ERROR_SSL
[Thr nnn] cli SSL session PSE "/usr/sap/SID/Wxx/sec/SAPSSLC.pse"
[Thr nnn] session ciphersuites=560:PFS:HIGH::EC_P256:EC_HIGH
[Thr nnn] Client SSL_CTX 11163cd30 pvflags=512 (TLSv1.2)
[Thr nnn] TLSextSNI server_name="abap_srv.example.com"
[Thr nnn] secussl_read: SSL_read() failed (101/0x00000065)
[Thr nnn] => "Own certificate (chain) is expired, corrupt or not yet valid."
[Thr nnn] >> ---------- Begin of Secu-SSL Errorstack ---------- >>
[Thr nnn] 0x00000065 | SAPCRYPTOLIB | SSL_read
[Thr nnn] SAPCRYPTO API error
[Thr nnn] Own certificate (chain) is expired, corrupt or not yet valid.
[Thr nnn] 0xa0600299 | SSL_ | ssl3_read_bytes
[Thr nnn] own certificate (chain) is expired - cannot be used for authentication
[Thr nnn] 0xa0600299 | SSL_ | ssl3_connect
[Thr nnn] own certificate (chain) is expired - cannot be used for authentication
[Thr nnn] 0xa0600299 | SSL_ | ssl3_send_client_certificate
[Thr nnn] own certificate (chain) is expired - cannot be used for authentication
[Thr nnn] 0xa0600299 | SSL_ | ssl3_output_cert_chain
[Thr nnn] own certificate (chain) is expired - cannot be used for authentication
[Thr nnn] << ---------- End of Secu-SSL Errorstack ----------
[Thr nnn] Target Hostname="abap_srv.example.com"
[Thr nnn] SSL NI-hdl 285: unix domain socket="/tmp/.sapicm8449"
[Thr nnn] <<- ERROR: SapSSLSessionStartNB(sssl_hdl=111ec3130)==SSSLERR_SSL_READ
[Thr nnn] *** ERROR => IcmConnPoolStartSsl: SapSSLSessionStartNB failed (-58): SSSLERR_SSL_READ [icxxpool.c 3172]
Read more...
Environment
- SAP Web Dispatcher
- SAP NetWeaver based system
- ABAP Platform based system
Product
Keywords
KBA , BC-CST-WDP , Web Dispatcher , BC-CST , Client/Server Technology , BC-SEC-SSL , Secure Sockets Layer Protocol , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.