Show TOC

Access to TREX Through the JAVA ClientLocate this document in the navigation structure

Purpose

The Secure Sockets Layer Protocol (SSL protocol) is used for secure communication through the TREX Java client between the TREX components and the Java application using TREX (for example, SAP Enterprise Portal). For communication among the TREX servers, the TREXNet is used. This is a special protocol developed for TREX-internal communication. Like HTTP, it is based on TCP/IP. You then configure TREXNet for secure communication.

SSL with client authentication ensures:

  • Confidentiality - The data is transmitted in encoded form and cannot be intercepted.
  • Data integrity - The recipient can be sure that the transmitted data cannot be changed during the transmission.
  • Authentication - The communication partners know with whom they are communicating.

Secure communication is based on the use of electronic certificates. A certificate contains the public key of the owner and information on the owner, for example, his or her name (common name), organizational unit, or e-mail address. Certificates are issued by a certification authority (CA) that confirms the identity of the certificate's owner. The public and private certificates of the certificate owner are kept in a keystore (Personal Security Environment or PSE) that is protected by a password.

The two communication partners can then encrypt their messages before sending them. Administrators provide the necessary certificates. They also configure the security settings for the components and modify security-relevant parameters in the TREX configuration files.

Note

If you have distributed the TREX installation on several hosts, you have to carry out the configuration steps listed in this documentation on each separate host. The hosts have to authenticate themselves to each other in order to ensure secure communication. For detailed information about distributed installation of TREX, see SAP Service Marketplace at service.sap.com/instguidesNW70 → Installation Guide - SAP NetWeaver 7.0 Search and Classification (TREX) Multiple Hosts.

Prerequisites

  • In your enterprise, you have built up a public key infrastructure with your own CA that issues certificates.

    or

  • You are working with any organization that offers the issuing of certificates.

Secure Communication Areas

There are the following areas of secure communication between the TREX components and the application using TREX:

  1. Secure communication using HTTPS between the TREX preprocessor and the Web server of the application using TREX
  2. Secure communication using HTTPS between the TREX Web server and the TREX Java client (CM)
  3. Secure communication using HTTPS between the TREX Web server and the TREX name server
  4. Secure communication between the TREX servers using the TREX Net

The graphic below gives an overview of the components involved and the communication methods used.