Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Basic aspects of setting up an SAP Web Dispatcher with SSL

cris_hansen
Advisor
Advisor
‎07-02-2019 12:14 AM
Throughout this new blog series, some basic aspects will be considered, as enumerated below:

  1. The SAP Web Dispatcher version.


The version used is the one recommended in SAP Note 908097 - SAP Web Dispatcher: Release, Installation, Patches, Documentation. Currently, I am using version 7.73, patch level 123, the latest available in the SAP ONE Support Launchpad.

As the scenarios are all SSL-related, note that the CommonCryptoLib is delivered with the SAP Web Dispatcher package. More on CommonCryptolib in SAP Note 1848999 - Central Note for CommonCryptoLib 8 (SAPCRYPTOLIB).

  1. The SSL configuration will be performed using the available UIs.


For the ERP/ECC system, STRUST will be used. Important: the test system used is based on the SAP NetWeaver 7.50 product. The interface is improved as of release 7.40. If you are using an older release (<7.40) and if you could not follow a step, then let me know using the comment section below; I will see whether I can find a similar (old) system and recreate the steps for such release. For the correct setup of SSL on the Application Server ABAP, SAP Note 510007 (Setting up SSL on Application Server ABAP) must be followed: read it carefully!

For the SAP Web Dispatcher, there is the Web Dispatcher Administration UI. Its menu brings the “SSL and Trust Configuration” item, with the “PSE Management”. More on this topic can be found in this wiki page.

The command line interface provided by sapgenpse will be only used as last resort.

  1. A special comment on STRUST.


Please, please, do NOT use the System PSE for SSL purposes. It will NOT work. The System PSE has no SSL purposes! If you are trying to use it, it means that you have NOT read SAP Note 510007: go back one step or game over.

  1. General troubleshooting information.


The following documents can help if any issue is faced while using SSL with the Web Dispatcher:

KBA 2394406 - Required information for analyzing SSL issues on Web Dispatchers

KBA 2559936 - [WEBINAR] Troubleshooting and Configuring SAP Web Dispatcher

KBA 2616927 - Troubleshooting common scenarios and errors in Web Dispatcher - Guided Answers

 

Next on the list: a basic scenario, with SSL re-encryption, showing involved parties, how to export/import certificates and revisiting the available traces.
4 Comments
Labels in this area
Popular Blog Posts