Network and Transport Layer Security
Using the Secure Sockets Layer Protocol with the SAP Web AS ABAP
The Application Server's Personal Security Environments
SSL Server PSE
SSL Client PSEs
The SAP Cryptographic Library Installation Package
Configuring the SAP Web AS for Supporting SSL
Installing the SAP Cryptographic Library on the SAP Web AS
Setting the Profile Parameters for Using SSL
Creating the SSL Server PSE
Generating Certificate Requests for the SSL Server PSEs
Sending the Certificate Requests to a CA
Importing the Certificate Request Response
Maintaining the SSL Server PSE's Certificate List
Creating the Standard SSL Client PSE
Creating the Anonymous SSL Client PSE
Creating Individual SSL Client PSEs
Specifying that a Connection Should Use SSL
Testing the SSL Configuration
Making Sure the SSL Port is Set up Correctly
Testing the Connection for SSL Server Authentication
Testing the Connection for SSL Client Authentication
Transport Layer Security on the SAP J2EE Engine
Configuring the Use of SSL on the J2EE Engine
Deploying the SAP Java Cryptographic Toolkit
Changing the Startup Mode for the SSL Provider
Creating the Server's Key Pair to Use for SSL
Assigning the Key Pair to Use for a Specific SSL Port
Testing the SSL Connection
Using SSL to the SAP J2EE Engine via the ICM
Using SSL With an Intermediary Server
Configuring SSL When the SAP Web Dispatcher is the Intermediary
Configuring the SAP Web Dispatcher to Terminate the SSL Connecti
Configuring SSL When the IIS is the Intermediary Server
Backing Up an Existing IIS Configuration
Installing the IisProxy Module
Testing the IisProxy Module
Configuring the IisProxy Module to Support SSL
Reverting to the SAPJ2EE Module
Configuring SSL When an Other Device is the Intermediary Server
Configuring SNC (SAP J2EE Engine ( ABAP Engine)
Installing the SAP Cryptographic Library on the SAP J2EE Engine
Creating an SNC PSE for the SAP J2EE Engine
Creating Credentials for the SAP J2EE Engine
Exchanging Public-Key Certificates
Maintaining the System ACL on the Application Server
Setting the SNC Parameters
Configuring SNC Between the UME and an ABAP-Based System
Requirements for System User SAPJSF_<SID> in ABAP Systems
Configuring SNC Between a Java iView and an ABAP System
Configuring SSL Between the UME and an LDAP Directory
Importing the Root Certificate of the LDAP Directory
Changing the UME LDAP Configuration
Testing the SSL Connection
Troubleshooting
Additional Keystore and Cryptographic Functions
Managing Key Storage Views
Managing Entries
Creating a Key Pair and Public-Key Certificate
Managing Code Based Permissions
Managing the Credentials and Trusted Certificates to Use SSL
Managing Cryptography Providers
Secure Connection Factory API for HTTPS Clients
Interfaces and Classes for Using the Secure Connection Factory
Examples for Using the Secure Connection Factory
Destination Service API
Interfaces and Classes for Using the Destination Service API
Examples for Using the Destination Service API
Configuring the SAP Web Dispatcher to Support SSL
Installing the SAP Cryptographic Library on the SAP Web Dispatch
Setting the SSL Profile Parameters for the SAP Web Dispatcher
Sample Profile for the SAP Web Dispatcher When Terminating SSL
Creating the PSEs and Certificate Requests
Sending the Certificate Requests to a CA
Importing the Certificate Request Responses
Creating Credentials for the SAP Web Dispatcher
Testing the SSL Connection to the SAP Web Dispatcher
Using an Intermediary Server to Connect to the J2EE Engine
Configuring the IIS as the Intermediary Server
Backing Up an Existing IIS Configuration
Installing the IisProxy Module
Testing the IisProxy Module
Configuring the IisProxy Module to Support SSL
Reverting to the SAPJ2EE Module
Log Levels for the IisProxy Module
Troubleshooting for the IisProxy Module
Configuring the Apache Web Server as the Intermediary Server
Secure Network Communications (SNC)
Using the SAP Cryptographic Library for SNC
Scenarios
Scenario 1: Using a Single PSE for ALL Components
Scenario 2: Using Individual PSEs for Components
Configuring the Use of the SAP Cryptographic Library for SNC
The SAP Cryptographic Library Installation Package
Recommended Locations of Files
Configuring SNC for Using the SAPCRYPTOLIB on the SAP Web AS
Installing the SAP Cryptographic Library on the SAP Web AS
Setting the Trust Manager Profile Parameters
Creating the SNC PSE
Importing the SNC PSE
Exporting the SNC PSE
Exchanging Public-Key Certificates Starting on the SAP Web AS
Exporting the SAP Web AS's Public-Key Certificate
Importing Public-Key Certificates on the SAP Web AS
Connection-Specific Configurations
Making the Access Control List Entries on the Application Server
Setting the SNC Profile Parameters
Configuring SNC for Using the SAPCRYPTOLIB on the AGate
Installing the SAP Cryptographic Library on the AGate
Loading the SAP Cryptographic Library on the AGate
Creating a PSE on the AGate
Installing a PSE on the AGate
Creating Credentials for the AGate
Exporting the AGate's PSE
Exchanging Public-Key Certificates Starting on the AGate
Exporting the AGate's Public-Key Certificate
Importing Public-Key Certificates on the AGate
Configuring SNC for the Connection to the Application Server
Checking the SNC Configuration on the Application Server
Specifying the Application Server’s SNC Information on the AGate
Testing the Connection
Configuring SNC for Using the SAPCRPYTOLIB Using SAPGENPSE
Installing the SAP Cryptographic Library on an Arbitrary Server
Creating a PSE for the Server Using SAPGENPSE
Creating the Server's Credentials Using SAPGENPSE
Checking the Application Server's User (Windows)
Checking the AGate's User (Windows)
Checking the WGate's User (Windows)
Exchanging Public-Key Certificates
Exporting the Server's Certificate Using SAPGENPSE
Maintaining the Server's Certificate List Using SAPGENPSE
Example: Exchanging Public-Key Certificates
Connection-Specific Configurations
Additional Functions
Deleting the Server's Credentials
Changing the PIN
Renewing the Server's Certificate
The Configuration Tool's Generic Command Line Options