The TREX preprocessor is responsible for preparing documents to be indexed by the TREX engines. The Web server of the application using TREX (for example, SAP Enterprise Portal) transfers documents to be indexed to the preprocessor in the form of a URI that references the storage location of the document. The preprocessor resolves the URIs, is redirected to this URI, and uses HTTP to fetch the actual document from the repository in question. If this communication takes place using HTTPS, you have to configure anonymous client authentication between the preprocessor and the Web server of the application using TREX. You do this by importing the root certificate of the Web server to a keystore on the preprocessor.
If the actual storage location for the documents that the preprocessor refers to is located on a Web server outside of a secure system landscape, you must also register the root certificate of this Web server with the preprocessor by importing it on the server in question.
Use the cryptography tool SAPGENPSE to configure the preprocessor for HTTPs. This is a part of the SAP Cryptographic Library, which is the standard security product delivered by SAP for encryption functions in SAP systems. The SAP Cryptographic Library is available for download by authorized customers in the SAP Service Marketplace.
● We recommend that you install the application using TREX on a different host to TREX itself. The following is based on this standard scenario.
● You have access permission to the application running the Web server.
● You have installed and configured the SAP cryptography tool SAPGENPSE on the host on which the TREX preprocessor is running. For more information on downloading and configuring SAPGENPSE, see Using Cryptography Tools.
To configure anonymous client authentication between the preprocessor and the Web server of the application using TREX, you need to
● Create a keystore in which you can store the root certificate of the Web server.
● Register the root certificate of the Web server with the TREX preprocessor
You carry out the following steps to do this:
...
1. Generating a Keystore using SAPGENPSE
2. Importing the Root Certificate of the Web Server
The graphic below gives an overview of administrative tasks.
You have configured anonymous client authentication between the TREX preprocessor and the Web server of the application using TREX.