on 12-01-2014 1:53 PM
Hi,
I am setting up webdispatcher SSL to use key-pairs provided by the infrastructure team.
The Webdispatcher currently is setup to use its own self-signed certificate, but it is required that we use a wild card certificate and corresponding private key.
Is there a way to achieve this ?
The sapgenpse command helps to generate own certificate, or certificate request and then import own, when signed. However this is about using the CN =*.zzzzz.com where the wildcard certificate and corresponding private key is available,
Please help.
Regards
An
Hi,
You should add the following profile parameter in the web dispatcher when
using wildcard certificates:
wdisp/ssl_ignore_host_mismatch = 1
Regards, Gabriella
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ananmika,
You can try generating a pse and certificate request using * as the CN name.( do you have a particular format for CN name in your organization ?)
sapgenpse get_pse -p <name>.pse -r <name>.req "CN=*, O=SAP Trust Community, C=EN" -s 2048
Then you can import(import_own_cert) your wild card certificate response and the corresponding root certificate used to sign that response in to your web dispatcher PSE.
Thanks
Amit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
sapgenpse get_my_name -p /usr/sap/SID/sapwebdisp/sec/ .pse -v
Backup the current sec directory
then use above mentioned command "sapgenpse get_pse -p <name>.pse -r <name>.req "CN=*, O=SAP Trust Community, C=EN" -s 2048"
import signed certificate using ./sapgenpse import_own_cert
restart the webdisp
User | Count |
---|---|
80 | |
9 | |
9 | |
7 | |
7 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.