Configuration of the Web Service SSL
Connection
Purpose
To perform security-related functions such as digitally signing PDF documents, you must set up an SSL connection to the Web service.
If you use these security-related functions in forms in Web Dynpro for Java, you also have to configure the SSL connection for Web Dynpro. For more information, see SAP Note 838111.
Process Flow
The checklist below summarizes the steps required to configure the Web Service SSL connection:
...
1. Create a view called ADSCerts in the Key Storage service, which is necessary for the storage of the client certificates for the Adobe document services. For detailed instructions, see Creating a View in the Key Storage Service.
2. Set up SSL (a.) and configure the client certificates (b.) for the J2EE Engine where the Adobe document services and where Web Dynpro for Java are installed. You will find the information for these procedures under:
a.
Configuring the Use of SSL on the SAP J2EE
Engine in the
SAP Library under SAP NetWeaver ® Security
® Network and Transport
Layer Security ® Transport Layer
Security on the SAP J2EE Engine
b.
Configuring the Use of Client Certificates for
Authentication in the SAP Library under SAP Netweaver ® Application Platform
(SAP Web Application Server) ® Java Technology in SAP
Web Application Server ® Administration
Manual ® Server
Administration ® J2EE Engine
Security ® Authentication on the
J2EE Engine ® Configuring
Authentication Mechanisms ® Using Client
Certificates for User Authentication
Follow all steps as described in this documentation, except for step 3, because you do not need to configure UME properties and LDAP in this scenario.
c. Store the client certificates in the ADSCerts view you created earlier.
3. This step is only necessary for the print forms scenario.
a.
Set up SSL
and configure the client certificates on the SAP Web AS ABAP. You will find
the information for this procedure under:
Configuring the SAP
Web AS for Supporting SSL in the SAP Library under SAP NetWeaver ® Security
® Network and Transport
Layer Security ® Using the Secure
Sockets Layer Protocol with the SAP Web AS ABAP
b. Import the client certificates into the J2EE Engine where the Adobe document services are installed, as described in step 2b.
c. Store the client certificates in the ADSCerts view you created earlier.
4. This step is only necessary for the interactive forms scenario in Web Dynpro for Java. See Configuring Web Dynpro User Access to Key Storage.
5. Change the settings of the system user ADSUser from basic authentication to SSL for the secure communication. For detailed instructions, see Configuring the User ADSUser for the SSL Connection.
6. In an ABAP environment, set up an SSL connection between the ABAP connection and the J2EE environment. For detailed instructions, see Setting Up the SSL Connection in an ABAP Environment.
7. In a Web Dynpro for Java environment, configure an SSL connection between the Java version of the PDF object and the Adobe document services. For detailed instructions, see Setting Up the SSL Connection in a Java Environment.
8. This step is only necessary for scenarios that require high security within SAP Web AS. Adobe document services are installed on the J2EE Engine and consist of two parts. The communication between these parts uses the IIOP service. If you need to set up SSL on this communication path, proceed as follows:
a. Download and deploy the BinariesSSL-2 Library. This library contains strong encryption components and is required for the secure IIOP communication. You may need authorization to receive this library. For more information, see SAP Note 752153.
Note that the functions digital signatures and certification of forms can also be performed even if this library is not used.