Show TOC

Procedure documentationConfiguring the SAP Web Dispatcher Profile Locate this document in the navigation structure

 

To enable SAP HANA applications to use SSL/HTTPS to secure both incoming and outgoing connections, you must maintain the SAP Web Dispatcher profile sapwebdisp.pfl.

Note Note

The SAP Web Dispatcher referred to here is internal to SAP HANA XS and not the SAP Web Dispatcher included in the SAP Fiori / SAP Smart Business system landscape.

End of the note.

Prerequisites

To configure the SAP Web Dispatcher to enable SSL/HTTPS for SAP HANA applications, note the following prerequisites:

  • You need root/administrator access to the SAP HANA system hosting the SAP Web Dispatcher service.

  • The SAP encryption library libsapcrypto.so is installed and available.

  • The trust store utility sapgenpse is available.

  • The SAP Web Dispatcher trust store (SAPSSL.pse) is available.

You use the SAP Web Dispatcher profile to specify, among other things, the location of the encryption library (libsapcrypt.so) and the SAP Web Dispatcher trust store (SAPSSL.pse).

Procedure

  1. On the SAP HANA server, open the SAP Web Dispatcher profile in your favorite text editor.

    By default, the SAP Web Dispatcher profile sapwebdisp.pfl is located in the following directory:

    /usr/sap/<SAPHANAInstance>/HDB<InstNo>/<Hostname>/wdisp/sapwebdisp.pfl

  2. Maintain the following values in the SAP Web Dispatcher profile sapwebdisp.pfl:

    Syntax Syntax

    1. wdisp/ssl_encrypt = 0
ssl/ssl_lib = /usr/sap/<SAPHANAInstance>/SYS/global/security/lib/libsapcrypto.so
ssl/server_pse = SAPSSL.pse
icm/HTTPS/verify_client = 1
icm/HTTPS/forward_ccert_as_header = true
    End of the code.

  3. Restart the SAP HANA XS engine.

    1. In the SAP HANA studio’s Administrator editor, open the   Landscape   Services   tab for the SAP HANA system where you want to restart the XS Engine service.

    2. Right-click the service and choose the required option:

      • Stop...

        The service is stopped normally and then typically restarted.

      • Kill...

        The service is stopped immediately and then typically restarted.

      • Reconfigure Service...

        The service is reconfigured; any changes made to parameters in the system configuration files are applied.

  4. Restart the SAP Web Dispatcher.

    Syntax Syntax

    1. sapcontrol -nr <instanceNr> -function SendSignal <pid> <signal>
    End of the code.

    For example, to restart the SAP Web Dispatcher 00 with the process ID 28155, run the following command:

    Syntax Syntax

    1. sap control -nr 00 function SendSignal 28155 2
    End of the code.

  5. Test HTTPS calls to the SAP HANA Web server.

    In a Web browser, call the SAP HANA XS Web server at the following URL: https://<SAPHANA_WebServer_Hostname>:43SAPHANAInstNo>