After you have imported the certificate for the Web server, configure the settings for secure communication.
Configuring the TREXWebServer.ini INI File
In order to prepare the TREX Web server for secure communication using HTTPS with the TREX Java client, change the communication protocol from HTTP to HTTPS in the configuration file TREXWebServer.ini, and specify the name of a key store ( SAPSSLS.pse).
You created the SAPSSLS.pse keystore using the cryptography tool SAPGENPSE when you configured secure communication between the TREX preprocessor and the Web server of the application using TREX (see TREX Preprocessor and Web Server of the Application (HTTPS)).
Configuring HTTPS Communication
You then define the protocol to be used for communication with the Web server. We recommend that you choose HTTPS communication, since it is the only way of ensuring secure communication and authentication of the communication partner.
Defining the SSL Port
In the final step, you specify the SSL port to be used for the HTTPS communication.
You have imported the certificate for the Web server to the Web server. You have opened the Internet Services Manager and are displaying the properties of the Web site SAP_TREX_<trex_instance_number>.
Configuring the TREXWebServer.ini File
Using a text editor, open the <TREX_Directory>\TREXWebServer.ini configuration file on the host on which the TREX Web server is installed.
In the [HTTPServer] section, change the URL_IIS parameter (Windows) or URL_Apache (UNIX) from http to https: URL_IIS=
https ://<hostname>:<httpServerPort>/TREXHttpServer/TrexIsapiExt.dll
In the same section, for the certfile parameter, enter the value SAPSSLS.pse for the keystore used.
[HTTPSERVER]
URL_IIS = https://P54896.wdf.sap-ag.de : 34844 /TREXHttpServer/TREXISAPIExt.dll
certfile = <homedirectory>/sec/ SAPSSLS.pse
This port number is valid for a TREX installation with the instance number 48.
Save the TREXWebServer.ini file and close the text editor.
Configuring HTTPS Communication
Choose the Directory Security tab, and then choose the Edit pushbutton from the Secure communications area.
Select the Require secure channel field.
Select the Require client certificates field.
Choose OK.
Defining the SSL Port
Choose the Web Site tab.
Specify the SSL port.
HTTP and HTTPS cannot run on Microsoft IIS on the same port. Therefore, you are not allowed to use the same number for both the TCP port and the SSL port.
Choose OK.
You have to restart TREX and the IIS (Internet Information Server) in order for the changes to the TREXWebServer.ini configuration file to be accepted by TREX.
The SAP_TREX_<trex_instance_number> Web site is fully configured. You now need to provide the root certificate of the CA to the Web server.