Configuring the SAP Web Dispatcher to Support SSL 

Use

If you are using a stand-alone SAP Web Dispatcher in front of the SAP Web AS, then use the procedures below to configure the SAP Web Dispatcher to support SSL. The SAP Web Dispatcher can either pass the SSL connection to the server in the backend, or it can terminate the SSL connection. See the graphics below.

Passing the SSL Connection

Terminating the SSL Connection

Procedure

Configuring the SAP Web Dispatcher to Pass the SSL Connection to the Backend Server

If the SAP Web Dispatcher is to pass the SSL connection to the server in the backend, then, in addition to the standard parameters, set the following profile parameter in the SAP Web Dispatcher’s profile:

icm/server_port_<xx> = PROT=ROUTER, PORT=<port>, TIMEOUT=<timeout_in_seconds>

For more information about the SAP Web Dispatcher’s profile, see The SAP Web Dispatcher Profile Parameter.

Configuring the SAP Web Dispatcher to Terminate the SSL Connection

If the SAP Web Dispatcher is to terminate the SSL connection, then it must possess a security environment. To set up this security environment, perform the following:

...

       1.      Install the SAP Cryptographic Library on the SAP Web Dispatcher.

       2.      Set the profile parameters.

       3.      Create the SAP Web Dispatcher’s PSE(s) and certificate request(s).

       4.      Send the certificate request(s) to a CA to be signed.

       5.      Import the certificate request response(s) into the PSE.

       6.      Create credentials for the SAP Web Dispatcher.

       7.      Restart the SAP Web Dispatcher.

       8.      Test the connection.