Show TOC

Configuring Secure Communication on the Web ServerLocate this document in the navigation structure

Use

After you have imported the certificate for the Web server, configure the settings for secure communication.

  • Configuring the TREXWebServer.ini INI File

    In order to prepare the TREX Web server for secure communication using HTTPS with the TREX Java client, change the communication protocol from HTTP to HTTPS in the configuration file TREXWebServer.ini, and specify the name of a key store (SAPSSLS.pse).

    Note

    The keystore SAPSSLS.pse was created with the cryptography tool SAPGENPSEwhen you configured secure communication between the TREX preprocessor and the Web server of the application using TREX (seeTREX Preprocessor and Web Server of the Application (HTTPS))

  • Configuring HTTPS Communication

    You then define the protocol to be used for communication with the Web server. We recommend that you choose HTTPS communication, since it is the only way of ensuring secure communication and authentication of the communication partner.

  • Defining the SSL Port

    In the final step, you specify the SSL port to be used for the HTTPS communication.

Prerequisites

You have imported the certificate for the Web server to the Web server. You have opened the Internet Services Manager and are displaying the properties of the Web site SAP_TREX_<trex_instance_number>.

Configuring the TREXWebServer.ini File

  1. Using a text editor, open the configuration file< TREX_Directory>\TREXWebServer.ini on the host on which the TREX Web server is installed.
  2. In the section [HTTPServer], change the parameterURL from httpto https:URL=https://<%trexserver%>:3<trex_instance_number>44/TREXHttpServer/TREXHttpServer.dll
  3. In the same section, for the parametercertfile, enter the value SAPSSLS.pse for the keystore used.

[HTTPSERVER]

URL = https://P54896.wdf.sap-ag.de:34844/TREXHttpServer/TrexHttpServer.dll

certfile = <homedirectory>/sec/SAPSSLS.pse

This port number is valid for a TREX installation with the instance number 48.

  1. Save the TREXWebServer.inifile and close the text editor.

Configuring HTTPS Communication

  1. Choose the Directory Security tab, and then choose the Edit pushbutton from the Secure communications area.
  2. Select the Require secure channel field.
  3. Select the Require client certificates field.
  4. Choose OK.

Defining the SSL Port

  1. Choose the Web Sitetab.
  2. Specify the SSL port.
    Caution

    HTTP and HTTPS cannot run on Microsoft IIS on the same port. Therefore, you are not allowed to use the same number for both the TCP port and the SSL port.

  3. Choose OK.
  4. You have to restart TREX and the IIS (Internet Information Server) in order for the changes to the configuration file TREXWebServer.ini to be accepted by TREX.

Result

TheSAP_TREX_<trex_instance_number> Web site is fully configured. You now need to provide the root certificate of the CA to the Web server.