We are having issues with our SSL connection to the SAP Web AS. Below is the error in the log files:
[Thr 472] =================================================
[Thr 472] = SSL Initialization on PC with Windows NT
[Thr 472] = (700_REL,Jul 14 2008,mt,ascii,SAP_UC/size_t/void* = 8/32/32)
[Thr 472] profile param "ssl/ssl_lib" = "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sapcrypto.dll"
resulting Filename = "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sapcrypto.dll"
[Thr 472] profile param "ssl/server_pse" = "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
resulting Filename = "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
[Thr 472] profile param "ssl/client_pse" = "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\SAPSSLC.PSE"
resulting Filename = "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\SAPSSLC.PSE"
[Thr 472] = found SAPCRYPTOLIB 5.5.5C pl24 (Jun 11 2008) MT-safe
[Thr 472] = current UserID: NT AUTHORITY\SYSTEM
[Thr 472] = found SECUDIR environment variable
[Thr 472] = using SECUDIR=c:\program files\sap\sapwebdisp\
[Thr 472] *** ERROR => secudessl_Create_SSL_CTX(): PSE "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse" not found! [ssslsecu.c 1354]
[Thr 472] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --
secude_error 1824 (0x00000720) = "Wrong or Missing PIN for PSE"
[Thr 472] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 472] ERROR in SSL_CTX_set_default_pse_by_name: (1824/0x0720) Wrong or Missing PIN for PSE : "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
ERROR in ssl_set_pse: (1824/0x0720) Wrong or Missing PIN for PSE : "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
ERROR in af_open: (1824/0x0720) Wrong or Missing PIN for PSE : "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
ERROR in secsw_open: (1824/0x0720) Wrong or Missing PIN for PSE : "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
ERROR in sec_parse_PSEInfo_cont: (1824/0x0720) Wrong or Missing PIN for PSE : "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<Our PSE>.pse"
[Thr 472] << -
End of Secude-SSL Errorstack -
[Thr 472] *** ERROR => SapISSLAddCredential(): Error SSSLERR_PSE_ERROR trying to create SERVER Credential
for "C:\Program Files\SAP\SAPWebDisp\DEV\<Our Site>\sec\<OurPSE>.pse" [ssslxxi.c 2278]
[Thr 472] Tue Mar 31 13:30:06 2009
[Thr 472] *** ERROR => Initialization of SSL library failed -- NO SSL available!
[Thr 472] =================================================
[Thr 472] <<- ERROR: SapSSLInit(read_profile=1)==SSSLERR_PSE_ERROR
[Thr 472] *** ERROR => IcmAddService: SapSSLInit (rc=-40): SSSLERR_PSE_ERROR [icxxserv.c 319]
[Thr 3744] IcmCreateWorkerThreads: created worker thread 0
[Thr 2952] *** ERROR => IcmConnClientRqCreate: No service for protocol HTTPS started [icxxconn.c 2701]
[Thr 2952] *** ERROR => IcmConnClientRqCreate() failed (rc=-1) [icrxx.c 5234]
[Thr 2952] *** ERROR => Could not connect to SAP Message Server at onebase. URL=/msgserver/text/logon?version=1.2 [icrxx.c 2591]
[Thr 2952] *** ERROR => rc=-1, HTTP response code: 0 [icrxx.c 2592]
[Thr 2952] *** ERROR => see also OSS note 552286 [icrxx.c 2593]
[Thr 3744] IcmCreateWorkerThreads: created worker thread 1
[Thr 3744] IcmCreateWorkerThreads: created worker thread 2
[Thr 3744] IcmCreateWorkerThreads: created worker thread 3
[Thr 3744] IcmCreateWorkerThreads: created worker thread 4
[Thr 3292] IcmWatchDogThread: watchdog started
I've already used sapgenpse seclogin -p <PSE File> -x <PIN> to create a pin. I've also gone and deleted the old pin that used to be there and created a new one.
Also I noticed it says "Beware: changing a PIN of a PSE will not auto-update the SSO-credential
Beware: adding a new credential will not auto-update an existing credential"
So once you change it how do you update it? Do you need to reboot the Web Dispatcher or do you just need to restarted the service?