Introduction:

I was occasionally asked to download the EWA report generated in the  Solution Manager  for some managed systems.

The browser displays “Site Not secured…” whenever I enter the transaction code “SM_WORKCENTER.”

This article described the step-by-step procedure to resolve the issue  “Site not secured “.

Investigation:

As indicated above, type the Tcode SM_WORKCENTER or if it’s available, double-click SM_WORKCENTER in your favourite list .

This changes the display to the one below that of the browser. It’s known as Webdynapro.

As shown highlighted in Yellow color, Two Error codes appeared viz

“DLG_FLAGS_INVALID_CA”  and

“DLG_FLAGS_SEC_CERT_CN_INVALID”

• DLG_FLAGS_INVALID_CA    – The website certificate is not installed correctly The website certificate has expired or the administrator does not renew it.
• DLG_FLAGS_SEC_CERT_CN_INVALID – SSL Server not configured or SSLS  not correctly  configured in the SAP Application  Server.

Finding:

Open SAPgui, Login to productive client .

Enter Tcode STRUSTSSO2  or STRUST in any client .

The SSL server Standard was not configured, as may be seen below.

Solution :

1. Solution to fix “DLG_FLAGS_SEC_CERT_CN_INVALID” issue

Note down the hostname of the  Application server. You will find the hostname in tcode SM51

or in the menu path, click System —>Status,

Then scroll down as shown below, You can see the hostname in the server name highlighted in the red color  in the Host data Section.

Also, note down the domain name of the application server  by entering tcode RZ11, type *fqdn*  and  hit Display button as shown below

You can see the output value in the Current value field as seen below.

Enter tcode STRUST or STRUSTSSO2 and press enter key

Click the Pen symbol to switch from Display to Change mode i.e. edit mode as shown above.

Place the mouse cursor on SSL Server Standard, click the right button of a mouse, then click Create as shown below.

A new pop-up screen appeared as shown below

As shown above, in the Name field, the value “*.<sapfqdn>”  (as obtained from rz11 tcode)  will be displayed by default.

Replace the star (*) symbol with the actual hostname (as obtained in tcode SM51)

(hostname.<domain_name i.e. fqdn>) in the Name field

Then press enter key  as shown above.

The status was changed to Green. See the Red color highlighted as shown above.

Click Save .

Double click on the yellow color highlighted as shown above .  value got  populated in the certificate section as shown below highlighted in the red color

Save and  close STRUST or STRUSTSSO2 screen.

Enter tcode SM_WORKCENTER or double click on it if it is available in your favourite list  (highlighted in the orange color)  as shown below

As you can see above,” DLG_FLAGS_SEC_CERT_CN_INVALID”  issue was cleared.

Only one error code : “DLG_FLAGS_INVALID_CA”  appeared in the browser

Need to fix another issue “DLG_FLAGS_INVALID_CA“. The procedure to fix this issue is described below

2.  Solution to fix “DLG_FLAGS_INVALID_CA” issue

Click on “Go on to the webpage (not recommended)”  as shown below

Then click the downward arrow key on the right side of the screen before the Certificate error as shown below:

Click “View certificate” highlighted in yellow  color as shown above.

Click Install Certificate

Select Current user and then click Next as shown above.

Select “Place all certificates in the following store”, click Browse  then you can see a pop-up screen as shown below

Select “Trusted Root Certificate Authorities” and then click OK as shown above.

Then click Next as shown above

Click Finish button as shown above.

Click Yes

Click Ok.

Then Go back to the sapgui screen

Enter tcode SM_WORKCENTER or double click SM_WORKCENTER in the favorite if it is available  as shown below

As shown above, the Error message “Site not secured” was not showing in the browser.

Conclusion:

SSLS can be configured in an application server .

ALso you can Install and download the certificate in the browser in order to resolve  Site not secure issue.

In the case of the Production system, there can  be more than one application server. So you can  replace  star symbol i.e. “*” with hostname.<domain name> of an application server in  the CN field in tcode STRUST where one  enter the transaction code “SM_WORKCENTER.”

Thanks for reading!

Follow for more such posts by clicking on FOLLOW => Prasad Rao

Please share your thoughts and feedback on this blog in a comment.