Show TOC

Procedure documentationReplacing Default SAP Web Dispatcher PSEs

 

The following personal security environments (PSE) are relevant for the SAP Mobile Platform setup. Initially, they contain self-signed certificates created automatically during the first startup of SAP Web Dispatcher:

  • SAPSSLS.pse

    Default SSL server PSE for SSL server initialization. It is used for incoming mobile client connections.

  • SAPSSLC.pse

    Default SSL client PSE for SSL client initialization.

You should replace the SSL server PSE with a CA-signed PSE. If you use X.509 user certificates for authentication, you should also replace the SSL client PSE with a CA-signed PSE.

Procedure

  1. Start the Web Administration interface for SAP Web Dispatcher.

  2. Under SSL and Trust Configuration, choose PSE Management.

  3. For SAPSSLS.pse and (if using X.509 user certificates for authentication) SAPSSLC.pse, do the following:

    1. If necessary, recreate the PSE and generate a new key pair.

    2. Create a certificate signing request (CSR).

    3. Send the certificate request(s) to a CA to be signed The procedure depends on the CA that you use.

    4. Import the signed certificate(s) into the PSE.

    Note Note

    The client PSE SAPSSLC.pse only has to be signed by a CA if you use X.509 user certificates for authentication. In this case, SAP Mobile Platform Server has to be configured to trust the SAP Web Dispatcher client certificate in order to accept the forwarded client certificate information. For more information, see Configuring SAP Mobile Platform Server to Trust SAP Web Dispatcher.

    End of the note.

More Information

Setting Up Communication Channels

SAP Web Dispatcher: Setup of Communication