If the SAP Web Dispatcher is to terminate the SSL connection, then it must possess security information to use for the SSL communication(s). This information is stored in the SAP Web Dispatcher's Personal Security Environments (PSEs) as follows:
To execute the necessary security functions, the SAP Web Dispatcher uses the SAP Cryptographic Library.
Use the procedure below to install the SAP Cryptographic Library on the SAP Web Dispatcher and to set up its security environments.
Note the following:
For more information about the individual parameters, see the SAP Web Dispatcher documentation.
Using the command line editor:
sapgenpse get_pse -p <PSE_Name> -x <PIN> [-r <cert_req_file>] <Distinguished Name>
Note the following:
The exact procedure depends on the CA you use. For the SAP CA, see the instructions provided by the SAP TrustCenter Services at service.sap.com/tcs .
The CA returns a certificate request response for each request that you send.
sapgenpse get_pse -p <PSE_Name> -x <PIN> [-r <cert_req_file>] <Distinguished Name>
sapgenpse seclogin -p <PSE_Name> -x <PIN> -O [Windows_Domain>\]<user_ID>
sapgenpse maintain_pk -a <CA_root_cert> -p <PSE_Name> -x <PIN>
The SAP Web Dispatcher terminates incoming SSL connections. If wdisp/ssl_encrypt = 1 or 2, then it also establishes an SSL connection to the AS Java. If wdisp/ssl_auth = 1 or 2, then SSL with mutual authentication is used for the connection to the AS Java.
See also:
For more information about the commands available with sapgenpse , see the SAP Web Dispatcher documentation.