Making SAP Sourcing work with SSL Termination
Recently we’ve had a number of customers having issues with SSL Termination in the load balancer and it causing security exceptions when they reach the sourcing application. The customers that are seeing this are using reverse proxies running on an SSL port, forwarding to a non-SSL port on the application server also known as SSL Termination,
The two main reasons for doing this are for performance reasons as encrypting and decrypting the SSL is expensive, and to allow for IDS packet sniffing within a private network.
This essentially causes what the browser thinks is a HTTPS session to attempt to establish with what is a HTTP session with sourcing resulting in a popup informing the enuser that the session is not secured and the login page not resolviing properly. This can be resolved through adding a HTTP header to the request and ensuring sticky sessions are enabled.
The HTTP header to inject is “X-Original-HTTPS” with a value of “on” (case doesn’t matter). This should remove the issues being caused by the HTTPS to HTTP conversion.
Take a look at this example configuration for this generic loadbalancer setup.
This shows where the SSL Termination occurs and what needs to happen after that to ensure the End User arrives smoothly at SAP Sourcing.
Good article, helped me.
Hello,
We have configured HTTPS for SAP NW 7.3 and it is working for nwa link
When we try to use sourcing/CLM link, it switches to http
do you know if above will help us with that issue?
Please guide how to setup HTTPS for SAP Sourcing
Thanks
Hi,
We have the same issue, request is redirect from https to http...
Can you please clarify the correct setup for https.
Thanks
Hi,
We have the same problem...CLM requests come up as HTTP requests instead of HTTPS...
All other solutions like SRM, SPM etc. work Ok on HTTPS.....
We use the Really Complex Proxy Configuration here: Using Proxies - Business Server Pages - SCN Wiki
How do we ensure CLM requests stick to HTTPS.....please help advise.....
Thanks a lot...