/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
In the ICM logs is possible to see the issue bellow where Cloud connector is not sending the system certificate :
====
[Thr 140115279902464] <<- SapSSLGetPeerInfo(sssl_hdl=7f6ef8024ba0)==SAP_O_K
[Thr 140115279902464] out: cert_len = <no cert>
[Thr 140115279902464] out: csuite_name = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
[Thr 140115279902464] HttpIsReverseProxyTrustworthy: intermediary is NOT trusted
====
or
====
There is external LB(like Azure Load Balancer) in front of SAP Web Dispatcher, in dev_webdisp following errors can be seen:
SSL Session Initialization
SapSSLSessionInit()
role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT)
...
Connection Info: role=Server, local=<WDP hostname>:<WDP port>, peer=<External LB IP>, protocol=HTTPS
...
Client certificate info: no certificate received
====
"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."
Read more...
Environment
- SAP Cloud Connector(SCC);
- SAP AS ABAP netweaver backend system.
Keywords
HTTPS, no cert, trusted, allowlist, certificate, principal propagation, ELB-HealthChecker, mtls, CERTRULE, ICM, sample certificate, cert, PP, Principal proapgation, SSL, TLS , KBA , BC-MID-SCC , SAP Cloud Connector On-Demand/On-Premise Connectivity , BC-CST-WDP , Web Dispatcher , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)