last Changed: 16th of May 2023
login/accept_sso2_ticket = 1
login/create_sso2_ticket = 3
### >>> these following Parameters are added to the Instance Profile <<<
SETENV_06 = SECUDIR=$(DIR_INSTANCE)$(DIR_SEP)sec
SETENV_16 = SAPSSL_CLIENT_SNI_ENABLED=TRUE
SETENV_17 = SAPSSL_CLIENT_CIPHERSUITES=918:PFS:HIGH::EC_X25519:EC_P256:EC_HIGH
SETENV_18 = SAPSSL_CIPHERSUITES=903:PFS:HIGH::EC_X25519:EC_P256:EC_HIGH
### >>> these following Parameters must reside in the DEFAULT.pfl <<<
icm/HTTPS/client_sni_enabled = TRUE
ssl/client_sni_enabled = TRUE
ssl/client_ciphersuites = 918:PFS:HIGH::EC_X25519:EC_P256:EC_HIGH
ssl/ciphersuites = 903:PFS:HIGH::EC_X25519:EC_P256:EC_HIGH
sapgenpse tlsinfo -v -c 918:PFS:HIGH::EC_X25519:EC_P256:EC_HIGH
sapgenpse tlsinfo -v -p /usr/sap/B4H/D03/sec/SAPSSLS.pse 903:PFS:HIGH::EC_X25519:EC_P256:EC_HIGH
=================================================
= SSL Initialization platform tag=(linuxx86_64_gcc43)
= (753_REL patchno 917,Dec 25 2021,mt,ascii-uc, 16/64/64)
= Initialization with _no_ default credentials
= resulting Filename = "/usr/sap/<SID>/ASCS<nr>/exe/libsapcrypto.so"
= disabled FIPS 140-2 crypto kernel
= found CommonCryptoLib 8.5.42 (Jan 25 2022) [AES-NI,CLMUL,SSE3,SSSE3]
= current UserID: "b4hadm", env-var USER="b4hadm"
= found SECUDIR environment variable
= using SECUDIR=/usr/sap/<SID>/ASCS<nr>/sec
= [dpf] ssl/ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
= [dpf] ssl/client_ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= Server SSL_CTX 7ff8c0025e50 pvflags=897 (TLSv1.2,TLSv1.1,TLSv1.0,BC)
= Server ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
= Client SSL_CTX 7ff8c00414e0 pvflags=896 (TLSv1.2,TLSv1.1,TLSv1.0)
= Client ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= AnonClient SSL_CTX 7ff8c005b970 pvflags=896 (TLSv1.2,TLSv1.1,TLSv1.0)
= AnonClient ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= Success SapCryptoLib SSL ready!
=================================================
ssfPkiInitSAPCryptolib: SsfSupInitEx("/usr/sap/<SID>/ASCS<nr>/exe/libsapcrypto.so")==0 (SSF_SUP_OK)
found CommonCryptoLib 8.5.41 (Nov 25 2021) [AES-NI,CLMUL,SSE3,SSSE3]
SSL for internal communication enabled
MsSAutoReloadCredHdl: reload thread for system pki started, check #_MemPSE_#977588676159946000000001 every 60 seconds
load acl file = /usr/sap/<SID>/SYS/global/ms_acl_info
List of entries found in /usr/sap/<SID>/SYS/global/ms_acl_info
[001] localhost [::] (VALID)
[002] server.domain.ext [10.x.y.z] (VALID)
[003] * [::] (VALID)
MsGetOwnIpAddr: my host addresses are :
1 : [10.x.y.z] (HOSTNAME)
2 : [127.0.0.1] (LOCALHOST)
3 : [169.x.y.z] (NILIST)
MsHttpInit: full qualified hostname = server.domain.ext
HTTP logging is switch off
set HTTP state to LISTEN
*** HTTP port 8211 state LISTEN ***
MsSAutoReloadSSLHdl: reload thread for SSL started, check /usr/sap/<SID>/ASCS<nr>/sec/SAPSSLC.pse and /usr/sap/<SID>/ASCS<nr>/sec/SAPSSLS.pse every 60
set HTTPS state to LISTEN
Tue Jan 11 12:18:44:801 2022
*** HTTPS port 8311 state LISTEN ***
MsHttpOwnDomain: own domain[1] = wdf.sap.corp
*** I listen to port sapms<SID> (3611) ***
*** I listen to internal port 3911 (3911), ssl protected ***
*** HTTP port 8211 state LISTEN ***
*** HTTPS port 8311 state LISTEN ***
CUSTOMER KEY: >Z0911157974<
compatibility level = 1
build version=753.2021.07.20
read logon groups from previously stored file <SID>_msg_server_adtl_storage
Server state ACTIVE
***LOG S00=> GwInitReader, gateway started ( 157507) [gwxxrd.c 2442]
gateway (version=753.2021.08.31 (with SSL support))
gw/delete_local_comm_adm : 1
gw/logging : ACTION=Ss LOGFILE=gw_log-%y-%m-%d SWITCHTF=day MAXSIZEKB=100
gw/sim_mode : set to 1
gw/reg_no_conn_info = 129
NI buffering disabled
CCMS: initialize CCMS Monitoring for ABAP instance with J2EE addin.
CCMS: SemInMgt: Initializing Semaphore Management in AlAttachShm_Doublestack.
CCMS: SemInit: Semaphore 38 initialized by AlAttachShm_Doublestack.
Tue Jan 11 12:18:58:747 2022
GwIInitSecInfo: secinfo version = 2
GwIRegInitRegInfo: reg_info file /usr/sap/<SID>/SYS/global/reginfo not found
=================================================
= SSL Initialization platform tag=(linuxx86_64_gcc43)
= (785_REL patchno 116,Apr 1 2022,mt,ascii-uc, 16/64/64)
= Initialization with _no_ default credentials
= resulting Filename = "/usr/sap/B4H/D03/exe/libsapcrypto.so"
= disabled FIPS 140-2 crypto kernel
= found CommonCryptoLib 8.5.42 (Jan 25 2022) [AES-NI,CLMUL,SSE3,SSSE3]
= current UserID: "b4hadm", env-var USER="b4hadm"
= found SECUDIR environment variable
= using SECUDIR=/usr/sap/B4H/D03/sec
= [dpf] ssl/client_pse=/usr/sap/B4H/D03/sec/SAPSSLC.pse
= resulting Filename = "/usr/sap/B4H/D03/sec/SAPSSLC.pse"
= Envvar SAPSSL_CLIENT_SNI_ENABLED=TRUE
= automagic TLS extension SNI enabled
= [dpf] ssl/ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
= [dpf] ssl/client_ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= Success SapCryptoLib SSL ready!
=================================================
ssfPkiInitSAPCryptolib: SsfSupInitEx("/usr/sap/B4H/D03/exe/libsapcrypto.so")==0 (SSF_SUP_OK)
found CommonCryptoLib 8.5.42 (Jan 25 2022) [AES-NI,CLMUL,SSE3,SSSE3]
= Server SSL_CTX 558a3cc2dfc0 pvflags=897 (TLSv1.2,TLSv1.1,TLSv1.0,BC)
= Server ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
= Client SSL_CTX 558a3cc33910 pvflags=896 (TLSv1.2,TLSv1.1,TLSv1.0)
= Client ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
gateway ssl port 3403 defined in profile
Bind service sapgw03 (socket) to port 3303
Bind service 3403 (socket/ssl) to port 3403
GW_ADM published
IcmAddHiddenService: Hidden service WEBSOCKET started
IcmAddHiddenService: Hidden service H2 started
Started service PORT=8003,PROT=HTTP,TIMEOUT=2000,PROCTIMEOUT=600
IcmAddHiddenService: Hidden service WEBSOCKETS started
Added service PORT=8103,PROT=HTTPS,TIMEOUT=2000,PROCTIMEOUT=600,VCLIENT=1,SSLCONFIG=ssl_config_1
Started service PORT=2503,PROT=SMTP,TIMEOUT=2000,PROCTIMEOUT=600
IcmNetCheck: network check passed without detecting problems
Wed Apr 13 11:36:58:143 2022
=================================================
= SSL Initialization platform tag=(linuxx86_64_gcc43)
= (785_REL patchno 116,Apr 1 2022,mt,ascii-uc, 16/64/64)
= resulting Filename = "/usr/sap/B4H/D03/exe/libsapcrypto.so"
= disabled FIPS 140-2 crypto kernel
= found CommonCryptoLib 8.5.42 (Jan 25 2022) [AES-NI,CLMUL,SSE3,SSSE3]
= current UserID: "b4hadm", env-var USER="b4hadm"
= found SECUDIR environment variable
= using SECUDIR=/usr/sap/B4H/D03/sec
= [dpf] ssl/client_pse=/usr/sap/B4H/D03/sec/SAPSSLC.pse
= resulting Filename = "/usr/sap/B4H/D03/sec/SAPSSLC.pse"
= Envvar SAPSSL_CLIENT_SNI_ENABLED=TRUE
= automagic TLS extension SNI enabled
= [dpf] ssl/ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
= [dpf] ssl/client_ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= Server SSL_CTX 7ff8c0025e50 pvflags=897 (TLSv1.2,TLSv1.1,TLSv1.0,BC)
= Server ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
= Client SSL_CTX 7ff8c00414e0 pvflags=896 (TLSv1.2,TLSv1.1,TLSv1.0)
= Client ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= AnonClient SSL_CTX 7ff8c005b970 pvflags=896 (TLSv1.2,TLSv1.1,TLSv1.0)
= AnonClient ciphersuites=918:PFS:HIGH::EC_P256:EC_HIGH
= Success SapCryptoLib SSL ready!
=================================================
= Server SSL_CTX 7ff8c0078f20 pvflags=897 (TLSv1.2,TLSv1.1,TLSv1.0,BC)
= Server ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
SSL/TLS: Caller requests enabling of automagic addition of TLSextSNI
= Server SSL_CTX 7ff8c00943c0 pvflags=897 (TLSv1.2,TLSv1.1,TLSv1.0,BC)
= Server ciphersuites=903:PFS:HIGH::EC_P256:EC_HIGH
Activated service PORT=8103,PROT=HTTPS,TIMEOUT=2000,PROCTIMEOUT=600,VCLIENT=1,SSLCONFIG=ssl_config_1
SSL settings: verify_client: 1, cache_size: -1, cache_lifetime: -1, credfile: SAPSSLS.pse, ciphers: default, alpn:sap-h2:h2:http/1.1
*** ICM up and operational (pid: 137335, HTTP: 8003, HTTPS: 8103) ***
HttpExtractArchive: files from archive /usr/sap/B4H/D03/exe/ITS.SAR in directory /usr/sap/B4H/D03/data/icmandir are up to date
***LOG IM3=> ICM, Startup (ICM&137335&) [IoEngine.cpp 134]
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
6 | |
5 | |
4 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 | |
2 |