Entering content frame

Procedure documentation Configuring Secure Communication on the Web Server Locate the document in its SAP Library structure

Use

After you have imported the certificate for the Web server, configure the settings for secure communication.

·        Configuring the TREXWebServer.ini INI File

In order to prepare the TREX Web server for secure communication using HTTPS with the TREX Java client, change the communication protocol from HTTP to HTTPS in the configuration file TREXWebServer.ini, and specify the name of a key store (SAPSSLS.pse).

Note

The keystore SAPSSLS.pse was created with the cryptography tool SAPGENPSE when you configured secure communication between the TREX preprocessor and the Web server of the application using TREX (see TREX Preprocessor and Web Server of the Application (HTTPS))

·        Configuring HTTPS Communication

You then define the protocol to be used for communication with the Web server. We recommend that you choose HTTPS communication, since it is the only way of ensuring secure communication and authentication of the communication partner.

·        Defining the SSL Port

In the final step, you specify the SSL port to be used for the HTTPS communication.

Prerequisites

You have imported the certificate for the Web server to the Web server. You have opened the Internet Services Manager and are displaying the properties of the Web site SAP_TREX_<trex_instance_number>.

Configuring the TREXWebServer.ini File

...

       1.      Using a text editor, open the configuration file <TREX_Directory>\TREXWebServer.ini on the host on which the TREX Web server is installed.

    2.      In the section [HTTPServer], change the parameter URL from http to https: URL=https://<%trexserver%>:3<trex_instance_number>44/TREXHttpServer/TREXHttpServer.dll

       3.      In the same section, for the parameter certfile, enter the value SAPSSLS.pse for the keystore used.

This graphic is explained in the accompanying text

[HTTPSERVER]

URL = https://P54896.wdf.sap-ag.de:34844/TREXHttpServer/TrexHttpServer.dll

certfile = <homedirectory>/sec/ SAPSSLS.pse

This port number is valid for a TREX installation with the instance number 48.

       4.      Save the TREXWebServer.ini file and close the text editor.

Configuring HTTPS Communication

...

       1.      Choose the Directory Security tab, and then choose the Edit pushbutton from the Secure communications area.

       2.      Select the Require secure channel field.

       3.      Select the Require client certificates field.

       4.      Choose OK.

Defining the SSL Port

...

       1.      Choose the Web Site tab.

       2.      Specify the SSL port.

Caution

HTTP and HTTPS cannot run on Microsoft IIS on the same port. Therefore, you are not allowed to use the same number for both the TCP port and the SSL port.

       3.      Choose OK.

       4.      You have to restart TREX and the IIS (Internet Information Server) in order for the changes to the configuration file TREXWebServer.ini to be accepted by TREX.

Result

The SAP_TREX_<trex_instance_number> Web site is fully configured. You now need to provide the root certificate of the CA to the Web server.

 

Leaving content frame