SAP Mobile Platform includes two HTTPS listeners that clients can use to directly communicate with the SAP Mobile Platform Server HTTPS port. With the one-way HTTPS listener, the server certificate goes to the client; with the two-way HTTPS listener, the client must also send its certificate to the server for mutual authentication.
Both listeners use the server certificate identified by the smp_crt alias in the local keystore. The SAP Mobile Platform installation process creates this self-signed certificate. Most clients and servers do not trust a self-signed certificate, so SAP recommends that you use a trusted CA to sign a replacement certificate for the server.
Use Management Cockpit to import the signed certificate into the local keystore; use the alias smp_crt.
The summary steps for enabling a direct HTTPS connect to SAP Mobile Platform Server include: