cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

webdispatcher : SSL using key-pairs

Former Member

on ‎12-01-2014 1:53 PM

0 Kudos

Hi,

I am setting up webdispatcher SSL to use key-pairs provided by the infrastructure team.

The Webdispatcher currently is setup to use its own self-signed certificate, but it is required that we use a wild card certificate and corresponding private key.

Is there a way to achieve this ?

The sapgenpse command helps to generate own certificate, or certificate request and then import own, when signed. However this is about using the CN =*.zzzzz.com where the wildcard certificate and corresponding private key is available,

Please help.

Regards

An

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

gabriella_kiss
Participant
‎12-03-2014 9:21 AM
0 Kudos

Hi,
You should add the following profile parameter in the web dispatcher when
using wildcard certificates:

wdisp/ssl_ignore_host_mismatch = 1

Regards, Gabriella

Show replies
Show replies
Former Member
‎12-01-2014 3:23 PM
0 Kudos

Hi Ananmika,

You can try generating a pse and certificate request using * as the CN name.( do you have a particular format for CN name in your organization ?)

sapgenpse get_pse -p <name>.pse -r <name>.req "CN=*, O=SAP Trust Community, C=EN" -s 2048

Then you can import(import_own_cert) your wild card certificate response and the corresponding root certificate used to sign that response in to your web dispatcher PSE.

Thanks

Amit

Show replies
Show replies
Former Member
‎12-02-2014 2:59 PM
0 Kudos

sapgenpse get_my_name -p /usr/sap/SID/sapwebdisp/sec/ .pse -v

Backup the current sec directory

then use above mentioned command "sapgenpse get_pse -p <name>.pse -r <name>.req "CN=*, O=SAP Trust Community, C=EN" -s 2048"

import signed certificate using ./sapgenpse import_own_cert

restart the webdisp


Ask a Question