on 09-01-2013 10:40 PM
Hello,
we operate a web dispatcher 7.40 with more than one CN. Every CN hides a different application on an enterprise portal or an abap stack. Now there is only one valid ssl certificate.
Is it possible to maintain more than one CN, every with a valid ssl certificate, on one web dispatcher?
best regards
Patrick
One SSL certificate per IP address. It's a known restriction, more due to the SSL handshake than anything SAP related.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That's right but SANs are a useful way to manage more than one CN. But in an enterprise portal enviroment there are a lot of hard links to the portal itself inside the portal configuration. Now we handle the different CNs that way
icm/HTTP/redirect_0 = PREFIX=/, FROM=/, FOR=cn1*, TO=/irj/portal, HOST=webdispatcher.company.com, PROT=HTTPS
icm/HTTP/redirect_1 = PREFIX=/, FROM=/softlink1, FOR=cn2*, TO=/irj/portal/softlink1, HOST=webdispatcher.company.com, PROT=HTTPS, PORT=4430
icm/HTTP/redirect_2 = PREFIX=/, FROM=/softlink2, FOR=cn3*, TO=/irj/portal/softlink2, HOST=webdispatcher.company.com, PROT=HTTPS, PORT=4431
Default https port 443 is the enterprise portal, 4430 is ABAP 1 and 4431 is ABAP 2.
ps: maintain of san with sapgenpse is not possible. but the ca can include them in the certificate.
Hi Patrick,
You can have a single SSL certificate with multiple Subject Alternative Names (SANs)
http://en.wikipedia.org/wiki/Subject_Alternative_Name
Or you may want to consider a wildcard certificate.
http://en.wikipedia.org/wiki/Wildcard_certificate
Hth,
Simon
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.