Due to popular demand, this blog post shows the steps required to install a custom, CA-signed SSL certificate in the SAPSSLS.pse PSE store. (And you may need it with any XS classic HTTPS application with InA protocol.) |
Good to know:
Disclaimer:
|
Typically when installing SAP HANA 2.x or deploying a pre-installed version of SAP HANA database, the SSL certificates in different PSE stores are self-signed. And eventually, thanks to the built-in SAP HANA XS webdispatcher, both HTTP (port 80xx) and HTTPS (port 43xx) communications are possible. |
This is to make sure the INA package is present and is activated.
|
Goto SAP HANA XS webdispatcher admin cockpit:
Initially the SAPSSLS.pse PSE store will show the default and most likely self-signed SSL certificate as depicted below In order to allow for signed SSL HTTP connections with SAP HANA, we will need to replace that certificate with a new one signed by a CA of your choice. |
Steps:
Certificate Signing Request (redacted)
|
Sign the CSR with your global CA (Certificate Authority)
for instance:
https://getcerts.<xxxxxxxxx>/request/sapnetca_base64.html
The redacted certificate chain is shown below:
|
Click on Import CA Response button above and copy and paste the content of the PKCS7 certificate and click on the Import button to validate the import. |
As a result the new and signed certificate has been imported into our PSE store. From now on we can access HANA via HTTPS over port 43xx as depicted below:
|
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
34 | |
25 | |
12 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |