01-22-2009 12:50 PM
Hi,
Can anyone tell me the regarding the configuration SAP EP systems in HTTPS and SSL.
The scenario is Client -->Application gateway( Web Dispatcher) -->EP6
Regards,
Moulinath Ray
01-22-2009 2:54 PM
Hi,
I am giving to you the steps we do for our securization (EP 7.0):
Prerequisites:
-Download SAP Cryptographic ToolKit at http://service.sap.com/ swdc and -> SAP Crypto-graphic Software -> SAP JAVA CryptoToolkit (J2EE Engine as of Release 6.30)
-Unzip it with SAPCAR
Logon in SDM and deploy the file
Check in Visual Admin -> Dispatcher/Server -> Libraries -> core_libs iaik_jce.jar is included
Loof for SSL Service in Config Tool in Server and Dispatcher, it should be "always"
Steps:
-Asking for a certificate
Visual Admin -> Cluster -> Server (central instance ) -> Services -> Key storage -> Service_ssl -> Create
Fill in all the data, and be careful with the common name:
-It shouldn´t have "http" or "https" on it
-It shouldn´t have port number on it
For example: "https
www.myportal.domain:port", the common name should be "www.myportal.domain"
Visual Admin -> Key Storage -> service_ssl -> Select your certificate and u201CGenerate CSR Requestu201D
Send the file to a CA
-Importing the validated certificate:
Visual Admin -> Key Storage -> Import CSR Response
In each Server, under SSL Provider, assign the certificate to port 50001, in each Dispatcher
Now, the portal is secure, and you can check it now.
A last step would be export the certificate and send it to your Network Team, so they can export it in the load balancing server, reverse proxy, etc.
You can have a look at this link:
http://help.sap.com/saphelp_nw04/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm
Some of the threads link:
Regards,
Niraj
Edited by: Niraj Kumar on Jan 22, 2009 3:59 PM
01-22-2009 3:57 PM
Hello,
you can check also this post /thread/1207698 [original link is broken]
(the post from where the above post was copied)
01-23-2009 11:04 AM
01-27-2009 11:20 AM
Hi,
This is another scenario.Kindly provide your valuable inputs.
I have ECC6.0 IDES with ABAP+JAVA.
Currently I am using http://<hostname>:<port>/sap/bc/gui/sap/its/webgui to access the application server from internet.
Now how to switch to https?
I searched in help.sap.com and found how to configure SSL on WebAS ABAP , WebAS JAVA. But as I have ABAP+JAVA, I am confused which one to follow
Regards,
Moulinath Ray
Edited by: Moulinath Ray on Jan 27, 2009 12:21 PM
01-27-2009 11:03 PM
You set up HTTPS on the ICM port as per the ABAP instructions and HTTPS on the Java dispatcher port as per the Java instructions...
01-28-2009 11:04 AM
Hi,
Can you please let me know whether I have to follow all steps in the link below.
[http://help.sap.com/saphelp_nw70/helpdata/EN/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm]
Thanks and Regards,
Moulinath Ray
01-28-2009 11:07 AM
01-30-2009 6:41 AM
Hi Nicholls,
Can you please guide me in details of the first part i.e. installation of SAPCRYPTOLIB for ABAP part?
I am not getting the document properly.
I am telling you what I have done.
1. I have downloaded the SAP Cryptoghraphic library for my platform.Two files were there--one is CAR file and another is SAR file.
After that probably
1. I have to extarct the files ( which one SAR or CAR? and how (with which command?))
2. After extraction, I'll get a file libsapcrypto.so. I have to put this into $DIR_EXECUTABLE directory.
What should be the exact path for $DIR_EXECUTABLE?
I have checked that in my system $DIR_EXECUTABLE=home/<sidadm>
Please let me know the exact path where I have to put libsapcrypto.so
3. I have to set the environment variable SECUDIR to the directory $DIR_INSTANCE/sec.
What should be the exact path for $DIR_EXECUTABLE?
I have checked that in my system $DIR_EXECUTABLE=home/<sidadm>
Please let me know the exact path to be set for SECUDIR.
Thanks and Regards,
Moulinath Ray
01-30-2009 7:26 AM
Maybe ask in one of the security forums, as this is not a portal related query...
01-30-2009 12:22 PM