Transport Layer Security
For an overview of the communication protocols and the corresponding security mechanisms for the AS Java, see the figure below.
AS Java Communication Paths and Protocols.
Depending on the underlying communication protocol of the AS Java, you can use either the Internet standard Secure Socket Layer (SSL) or Secure Network Communications (SNC). The transport layer security functions on the AS Java use the security provider libraries and the AS Java security environment. You specify the security provider and the secure store security options during the AS Java installation.
For more information, see Transport Layer Security on the AS Java in the Administration Manual.
SSL on the AS Java is not configured by default. For more information about enabling the use of SSL, see Configuring the Use of SSL on the AS Java .
For information specific to each of the communication protocols used by the AS Java, see the table below.
| Protocol | Security Mechanism | Comment |
|---|---|---|
|
HTTP |
Secure Socket Layer (SSL) |
P4 is the transfer protocol for Java specific Remote Method Invocation (RMI) communication. This protocol is used for remote deployment, as transport layer for JMS (Java Message Service) protocol, and remote method invocations of custom remote objects bind in naming.. For more information, see Configuring the Use of SSL on the AS Java in the Administration Manual. |
|
P4 |
Secure Socket Layer (SSL) |
P4 is the transfer protocol for Java specific Remote Method Invocation (RMI) communication. This protocol is also used for communication between the SDM server and the AS Java. P4 supports HTTP tunneling and can also be used with proxies. For more information, see Using P4 Protocol Over a Secure Connection in the Administration Manual. |
|
IIOP |
Secure Socket Layer (SSL) |
IIOP is an alternative transfer protocol to use for RMIcommunication requests. You can also use IIOP for communication with CORBA application servers. Transport Layer Security for the IIOP protocol is provided by SSL. For more information, see Configuring the AS Java for IIOP Security in the Administration Manual. |
|
LDAP |
Secure Socket Layer (SSL) |
You can use an LDAP directory server as the persistence layer for the UME user store. You can use SSL for the Transport Layer Security in this case. |
|
RFC |
Secure Network Communications (SNC) |
SNC is an SAP proprietary layer used with the SAPcommunication protocols RFC and DIAG. For more information, see Secure Network Communication (SNC) in the SAP NetWeaver Security Guide |
|
JDBC |
driver-dependent |
JDBC is a communication protocol for connecting to databases. Transport Layer Security for database connectivity is provided by the driver used to connect to the database. |
|
Telnet |
Virtual Private Network (VPN) |
Telnet is used for remote administration using Shell Admin tool. We recommend establishing a virtual private network to secure the connection. For more information, see Remote Administration Using Telnet in the Administration Manual |
|
Session |
N/A |
Session is a type of communication protocol that is used only between the Internet Communication Manager (ICM) and the server processes in the AS Java cluster. These elements exist in the same security context of an AS Java instance and, therefore, no transport security is necessary. |
For the latest update of SSL/TLS and HTTP implementations on SAP NetWeaver AS for Java, see SAP note
2284059 
.
See also:
Administration Manual:
- Configuring the Use of SSL on the AS Java
- Using SSL to the AS Java via the ICM
- Using SSL With an Intermediary Server
- Configuring SNC: AS Java -> AS ABAP