The SAP Net Weaver Application Server is a web application server defined for SAP solutions. The Web AS is the base on which most of SAP products operate. The SAP application server consists of five layers including presentation layer, business layer, integration layer, connectivity layer, and persistence layer. However, the SAP Net Weaver Application Server supports HTTPS for encrypted communication. In this article, we will reveal about installation of SSL certificate into SAP Web Application server 6.10+.


Before going through the installation of SSL certificate, we have to aware about SSL Server PSE (Personal Security Environment). It contains the application server’s security information that is being used while SSL communication. It is a certificate list used by the server for the authentication purpose. The application server makes use of this list to decide which CAs the server believes. Now let us go through the procedure of SSL installation into SAP server.


Generate CSR:


To install SSL certificate, you must create a certificate request (CSR) that uses an SSL server PSE. Check individual SSL server PSE in Trust Manager by elaborating SSL server PSE node and click on the server, it appears the server’s name and for which you have to generate the CSR.


Procedure


  • Browse Trust Manager and expand the SSL server PSE node.
  • Select the application server, in the PSE maintenance section it shows the application server’s certificate.
  • Select “Create Certificate Request” from the PSE maintenance section, and a dialogue box will be there showing the certificate request.
  • Select the content shown in the certificate request and copy or save the content to a local file (<file name>.P10).

Installation of SSL certificate on SAP Net Weaver Application Server 6.10+:


  • Download the Intermediate Certificate and save as it as “intermediate.crt” on your server.
  • Open the Trust Manager and click to elaborate the SSL server PSE node.
  • To assign an individual Certificate to each application, you should follow the below steps.
    • Click on the desired application server, you will see SSL server PSE in the PSE maintenance section.
    • Import Cert. Response. You will find a dialog box for the certificate request response.
    • In the dialogue box, paste the content of Certificate Request Response or select the local file from the system.
    • Now, you can see in the PSE maintenance section a signed public key certificate that is imported into the SSL server PSE.
    • To view information about the imported certificate, click on it. The details of the certificate will be shown in the certificate maintenance section.
    • Finally, save the complete data.

Importing the CA’s Root Certificates if Not Located in the Certificate Database


  • Go to Certificate section and select “Import Certificate”, it will show a certificate dialogue.
  • Choose the Database tab.
  • Choose the certificate from the certificate database and select Enter.
    You can see the certificate in the certificate section.
  • Now, select “Add to Certificate List”.
    The certificate will be added to the certificate list, which you can see in the PSE maintenance section.
  • Save the data.

Importing the CA’s root certificate from the File System:

  • Go to Certificate section and select “Import Certificate”, it will show a certificate dialogue.
  • From the file system, enter the suitable file name and choose the file format. In case, if you are not sure about the certificate’s file format, then open the certificate in a Notepad. If the content of the certificate is readable then it is a Base 64 format.
  • You can see the certificate in the certificate maintenance section.
  • Now select “Add to Certificate List”. The certificate will be added to the certificate list, which you can see in the PSE maintenance section.
  • Save your data.

Importing the CA’s root certificate from Different PSE:

  • Click on SSL Server PSE node to choose the application server. Check PSE maintenance section where PSE and the certificate list will be shown.
  • You can see the certificate in the certificate maintenance section. Click on the certificate.
  • In the SSL server PSE node, choose a single application server with a double click.
  • Now select “Add to Certificate List”. The certificate will be added to the certificate list, which you can see in the PSE maintenance section.
  • Save your data.
To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply