To avoid security exceptions when launching SAP Control Center, set up security certificates correctly.
This task is required when:
- The browser session starts from a host computer that is remote from the SAP Control Center installation.
- The browser session starts on the same computer as
SAP Control Center and reports a Certificate Error. The
installer automatically sets up a local security certificate, but the certificate
installed for https in the web container keystore is a self-signed root
certificate, which is not recognized by the client browser.
- The host computer does not have Visual Studio Certificate Manager SDK installed.
Alternatively, follow browser-specific instructions to accept the certificate into the Windows certificate store.
- Change the default shortcut to use the full host name of the computer on which SAP Control Center has been installed.
The host name is required because the default self-signed generated certificate the installer issues cannot be assigned to “localhost.”
For example, change the shortcut URL to something similar to:
"%ProgramFiles%\Internet Explorer\iexplore.exe" https://SCChost.mydomain.com:8283/scc
- Add the certificate to the Windows certificates store.
- Extract the self-signed certificate:
SMP_HOME\sapjvm_7\bin\keytool.exe -exportcert -alias jetty
-keystore SCC_HOME\services\EmbeddedWebContainer\keystore -file cert.crt
- Click mmc, and then click OK to import the cert.crt file into the host computer’s Windows store with the Windows Certificate Manager. The default password for both the keystore and the alias is "changeit"., type