SAP Mobile Platform Server: Setup of Communication
Use
To configure SSL communication between the SAP Web Dispatcher, SAP Mobile Platform Server, and the Fiori front-end server, you have to establish trust between the components.
SAP Mobile Platform Server uses a single keystore file, located at <SMP_HOME>\Server\configuration\smp_keystore.jks.
You can make changes to the keystore using the keytool utility located in <SMP_HOME>\sapjvm_7\bin.
The keystore password is the same as the one you provided during the SAP Mobile Platform installation.
Tasks
|
Task |
Description |
|---|---|
|
Replace the default self-signed certificate with a CA-signed certificate. |
|
|
Configuring SAP Mobile Platform Server to Trust SAP Web Dispatcher |
Map the Impersonator role to the subjectDN of the SAP Web Dispatcher client PSE. |
|
Configuring SAP Mobile Platform Server to Trust the Fiori Front-End Server |
Import the CA certificate used to sign the Fiori front-end server certificate into the SAP Mobile Platform keystore. |
|
Enabling Mutual SSL Authentication with the Fiori Front-End Server |
Create a technical user certificate to be used for mutual SSL between SAP Mobile Platform Server and the Fiori front-end server. |
|
Enabling Principal Propagation to the Fiori Front-End Server |
In principal propagation, temporary X.509 user certificates are generated at runtime to enable user principals and credentials to be forwarded from SAP Mobile Platform Server to the back end. Generate a signing certificate for these temporary certificates. |