SSL Certificate - two app servers, one is good the...

neeta_patel2 · ‎12-08-2010

Hi all,

We have an ssl certificate installed on our ABAP SAP system. We recently added another application server - a dialog instance. In strustsso2, app1s ssl certificate is good, On the ne wdialog instance , app2 selection in strustsso2, its self-signed? Why?

There is a requirement to add additional dialog instances on-demand so how do we address this so that additional servers also have a valid ssl certificate thats tied to the central instance?

Best Regards, Neeta

mvoros · ‎12-09-2010

Hi,

just export that certificate and import it into additional instance. You also have to set parameter wdisp/ssl_certhost to host name from SSL certificate. Otherwise host names won't match and you will get error.

Cheers

neeta_patel2 · ‎12-09-2010

Hi Martin,

Thanks - I tried that "own certificate" section is still marked self-signed in app2. I exported from app1 in the "certificate" section in base64, logged into app2 and imported from the "certificate" section. However, the CN in the "own certificate" area for app1 and app2 are not the same so this could be an issue?

Regards, Neeta

mvoros · ‎12-10-2010

Hi,

sorry, you can just take SSL PSE file from the central instance and copy it into proper directory on second AS. Just shutdown the second instance before doing this and start it again after distributing PSE.

Cheers

Former Member · ‎12-13-2010

Hi,

I chose a workaround to this multi server problem.

I use self signed certificates on all the app server and I have installed a SAP Web Dispatcher with a signed certificate to do the load balancing, SSL encryption and allow the use of HTTP and HTTPS standard ports.

All "Official" URLs go through the web dispatcher.

Regards,

Olivier

SSL Certificate - two app servers, one is good the other is self signed