12-08-2010 8:55 PM
Hi all,
We have an ssl certificate installed on our ABAP SAP system. We recently added another application server - a dialog instance. In strustsso2, app1s ssl certificate is good, On the ne wdialog instance , app2 selection in strustsso2, its self-signed? Why?
There is a requirement to add additional dialog instances on-demand so how do we address this so that additional servers also have a valid ssl certificate thats tied to the central instance?
Best Regards, Neeta
12-09-2010 2:41 AM
Hi,
just export that certificate and import it into additional instance. You also have to set parameter wdisp/ssl_certhost to host name from SSL certificate. Otherwise host names won't match and you will get error.
Cheers
12-09-2010 4:32 PM
Hi Martin,
Thanks - I tried that "own certificate" section is still marked self-signed in app2. I exported from app1 in the "certificate" section in base64, logged into app2 and imported from the "certificate" section. However, the CN in the "own certificate" area for app1 and app2 are not the same so this could be an issue?
Regards, Neeta
12-10-2010 2:39 AM
Hi,
sorry, you can just take SSL PSE file from the central instance and copy it into proper directory on second AS. Just shutdown the second instance before doing this and start it again after distributing PSE.
Cheers
12-13-2010 10:27 AM
Hi,
I chose a workaround to this multi server problem.
I use self signed certificates on all the app server and I have installed a SAP Web Dispatcher with a signed certificate to do the load balancing, SSL encryption and allow the use of HTTP and HTTPS standard ports.
All "Official" URLs go through the web dispatcher.
Regards,
Olivier