Certificate Alias and HTTPS Connections

A certificate alias is the name given to a certificate in the SAP Mobile Platform keystore. The alias identifies a specific certificate to use when making an HTTPS connection to a URL. Each entry in a keystore has an alias to help identify it.

If the back end requires mutual SSL connectivity, a certificate alias is required.

The "smp_crt" alias identifies the certificate that SAP Mobile Platform Server uses with its HTTPS listeners.

The CN (common name) of a generated X.509 certificate should be the fully qualified host.domain of the server on which SAP Mobile Platform is installed.

Note

If SAP Mobile Platform is running in a cluster, you can use "*.domain" as the CN.

SAP Mobile Platform includes two keystore files, with the same initial password:

local_smp_keystore.jks – created and maintained by the product installer; on each cluster node, stores certificates for the local server, from which you access Management Cockpit. These certificates are used for HTTPS connections.
smp_keystore.jks – maintained by system administrators; stores trusted certificates and PKCS #12 certificates for technical user back-end connections, and the truststore. This keystore syncs to all servers in a cluster, so you need not import these certificates into each node.

Keystores may also contain user certificates that the server uses when back-end systems require mutual-certificate authentication.