Profile parameters are used to configure SSL configuration for the ICM and Web Dispatcher. For SSL communication between the ICM and AS Java the relevant properties must also be set in the AS Java.
Parameter icm/ssl_config_<xx> controls SSL configuration overall.
The parameters below specify the header field names that are used for SSL (certificate forwarding). The Web Dispatcher sets the fields and the ICM on the application server uses them.
Caution
The parameters are set the same in the ICM and in the Web Dispatcher. You should not change the default values unless absolutely necessary.
Parameter |
Meaning |
Default |
---|---|---|
icm/HTTPS/client_certificate_chain_header_prefix |
Prefix for the CA certificate chains: The chain is structured from 1 to n, where n+1 is the last CA root certificate in the chain that is not sent to the server. The server finds the chained certificates in the variables SSL_CLIENT_CERT_CHAIN_1, SSL_CLIENT_CERT_CHAIN_2, and so on. The CA root certificate, which is the last certificate in the chain, is not sent to the server in a header field. It must exist as a trusted CA in the SSL provider service. |
SSL_CLIENT_CERT_CHAIN_ |
icm/HTTPS/client_certificate_header_name |
Header field that contains the user's certificate. |
SSL_CLIENT_CERT |
icm/HTTPS/client_cipher_suite_header_name |
Header field that contains the cipher suite used. |
SSL_CIPHER_SUITE |
icm/HTTPS/client_key_size_header_name |
Header field that contains the key size. |
SSL_CIPHER_USEKEYSIZE |
icm/HTTPS/trust_client_with_subject icm/HTTPS/trust_client_with_issuer |
For X.509-based logon to NW AS using the SAP Web Dispatcher you need these parameters to create a trusted relationship between the Web Dispatcher and ICM, or between two Web Dispatchers activated one after the other. More information: X.509-Based Logon to NW AS from SAP Web Dispatcher |
In AS Java there are relevant properties for these parameters.
More information:
For the Web Dispatcher there are additional parameters to control SSL communication.
More information: