Show TOC Start of Content Area

Procedure documentation Testing the SSL Connection  Locate the document in its SAP Library structure

Prerequisites

      The SSL Provider and Key Storage services are running on the AS Java server process.

      The AS Java is configured to support SSL on a designated port and you know the port.

      You trust the CA that has issued the public-key certificate that the AS Java uses for SSL connections.

Note

You can find the list of CAs that you trust in your Web browser’s trusted root certificate store.

Procedure

Using your Web browser, access the start page of the AS Java as shown below:

https://<fully_qualified_name_of_AS_Java_host>:<ICM_https_active_service_port>

Example

For example, to access AS Java running on a host with fully qualified name shop.acme.com and https Active Service ICM port 50001, you enter the following URL in your Web browser’s address bar:

https://shop.acme.com:50001

Result

If SSL is configured correctly, then the AS Java’s start page appears in your Web browser. Many Web browsers also display a lock in their footer. Select the lock with a double-click to view the server’s certificate.

Note

You may receive a warning in the following cases:

·         The SSL server certificate has expired or is invalid.

·         You do not trust the CA that issued the server its certificate. (The CA’s root certificate is not contained in your Web browser’s list of trusted CAs.)

·         The host name contained in the server’s Distinguished Name does not match the host name you used in the URL.

If you do receive a warning, confirm it and continue. Nevertheless, SSL still works properly. However, we recommend correcting the problem that caused the warning. For example, if the CA’s root certificate is not considered trusted but you do trust this CA, then import the CA’s root certificate into your Web browser.

 

 

End of Content Area