cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

web dispatcher with more than one cn

Go to solution
former_member184680
Participant

on ‎09-01-2013 10:40 PM

0 Kudos

Hello,

we operate a web dispatcher 7.40 with more than one CN. Every CN hides a different application on an enterprise portal or an abap stack. Now there is only one valid ssl certificate.

Is it possible to maintain more than one CN, every with a valid ssl certificate, on one web dispatcher?

best regards

Patrick

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎09-03-2013 12:13 AM
0 Kudos

One SSL certificate per IP address. It's a known restriction, more due to the SSL handshake than anything SAP related.

Show replies
Show replies
former_member184680
Participant
‎09-03-2013 7:23 AM
0 Kudos

That's right but SANs are a useful way to manage more than one CN. But in an enterprise portal enviroment there are a lot of hard links to the portal itself inside the portal configuration. Now we handle the different CNs that way

icm/HTTP/redirect_0 = PREFIX=/, FROM=/, FOR=cn1*, TO=/irj/portal, HOST=webdispatcher.company.com, PROT=HTTPS
icm/HTTP/redirect_1 = PREFIX=/, FROM=/softlink1, FOR=cn2*, TO=/irj/portal/softlink1, HOST=webdispatcher.company.com, PROT=HTTPS, PORT=4430
icm/HTTP/redirect_2 = PREFIX=/, FROM=/softlink2, FOR=cn3*, TO=/irj/portal/softlink2, HOST=webdispatcher.company.com, PROT=HTTPS, PORT=4431

Default https port 443 is the enterprise portal, 4430 is ABAP 1 and 4431 is ABAP 2.

ps: maintain of san with sapgenpse is not possible. but the ca can include them in the certificate.

anja_engelhardt2
Active Contributor
‎09-04-2013 8:40 AM
0 Kudos

moved to by moderator

Answers (1)

Answers (1)

Former Member
‎09-01-2013 11:05 PM
0 Kudos

Hi Patrick,

You can have a single SSL certificate with multiple Subject Alternative Names (SANs)

http://en.wikipedia.org/wiki/Subject_Alternative_Name

Or you may want to consider a wildcard certificate.

http://en.wikipedia.org/wiki/Wildcard_certificate

Hth,
Simon

Show replies
Show replies
former_member184680
Participant
‎09-02-2013 2:40 PM
0 Kudos

How did I maintain SANs with sapgenpse to create a valid request?

Ask a Question