on 08-24-2010 9:44 AM
Hi all,
I would like to use SSL in WD with CA certificate offering.
My configuration of WD is:
Web -> HTTPS -> Webdispatcher -> HTTP -> Backend WebAS
and it works right.
We would like to offer visitors of our webpages show/install our CA certificate too.
We have two files:
our_certificate.p12
CA_certificate.cer
For generating PSE we have used:
sapgenpse import_p12 -z <password for PKCS#12 file> -r CA_certificate.cer -p MY_APP-pse our_certificate.p12
without errors.
We have creaqted credentials for new PSE.
But If I came with webbrowser to our webpages, webdispatcher offers only our_certificate, not CA_certificate.
Can anyone help me please ?
Thank you
PS: Sorry for my poor English
Hi,
What you have done sounds correct except a PKCS file usually contains the root certificate so I would check whether the signed certificate you have is correct. Check with: sapgenpse get_my_name -v -p MY_APP-pse ...it should show a PKRoot certificate in most cases.
If your backend Web AS is using the same certificate as your web dispatcher then you could always create the certificate in STRUST on SAP and then copy the resulting PSE file to your web dispatcher. This way you don't have to be concerned with any sapgense commands.
Nelis
PS: Your English is better than some English speaking people I've seen post here
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have tried sapgenpse get_my_name -v -p MY_APP-pse and it writes:
Opening PSE "PSEFILE"...
PSE (v2) open ok.
Retrieving my certificate... ok.
Getting requested information... ok.
SSO for USER "xxxadm"
with PSE file "PSEFILE"
MY Certificate:
-
Subject : some text1
Issuer : some text2
Serialno: 7E
KeyInfo : RSA, 2048-bit
Validity - NotBefore: Tue Jul 28 16:16:20 2009 (090728211620Z)
NotAfter: Wed Aug 1 16:16:20 2012 (120801211620Z)
-
No additional FCPath.
PKRoot Certificate:
-
Subject : some text2
Issuer : some text2
Serialno: B0:01:68:F7:09:58:C6:68
KeyInfo : RSA, 1024-bit
Validity - NotBefore: Mon Jun 4 16:18:23 2007 (070604211823Z)
NotAfter: Thu Jun 1 16:18:23 2017 (170601211823Z)
-
"Italics" replace private texts.
So I think that we have the RootCA cert installed correctly, but visitors cannot find this.
Any suggestions?
Hi ,
Can you make sure all the parameters are correctly maintained .
Also make sure SECUDIR environment variable set to K:\usr\sap\wd\secudir
Below tags might help you,
Note 518942 - How to sign inqmy certificate by a CA for HTTPS
http://help.sap.com/saphelp_47x200/helpdata/en/d8/a922d7f45f11d5996e00508b5d5211/frameset.htm
Regards
Nagaraju
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
I dont know if you understand me...
My WD (HTTPS) settings works fine. Everything works (SSL), but visitors cannot see an CA root certificate. However I have imported it with WD SSL certificate by program sapgenpse.
Can be the problem with certificate itself ? Im a newbie in "certificating branch". Should I import certificate p12 with imported root CA certificate?
Thank you for advice
User | Count |
---|---|
81 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.