This document introduces the all steps about how to implement SSL mannually
- Users want to implement accessing AS Java via SSL (Secure Sockets Layer)
- Access AS Java from https protocal.
for example: https://hostname:50001/irj (instead of http://hostname:50000/irj)Create key pair steps.doc
From NetWeaver 7.2 and higher release, you can use SSL configuration tool instead.
1. Maintain ICM Parameters for Using SSL :
- Find instance profile /usr/sap/<SID>/SYS/profile/<SID>_<instance>_<hostname>
- Add icm/server_port_<xx> and ssl/ssl_lib in to this proile.
- Restart the ICM
* Please refer to document Maintaining ICM Parameters for Using SSL for detail
2. Open NWA Key storage:
http://<portal_hostname>:<port>/NWA > Configuration Management > Certificates and Keys
3. Backup ICM_SSL_<instance_ID> view
<Caution> By default, the AS Java uses the ICM_SSL_<instance_ID> view for setting up an SSL connection.
4. Generat the New Key Pair (private key and certificate)
- Find the ICM_SSL_<instance_ID> view, or ICM_SSL_<instance_ID>_<port>
- Delete for the existing AS Java key pair entry
- Create new key pare by clicking "Creat" button.
* You may find more detail information regarding
- How to Creating a Key Pair and Public-Key Certificate
- How to Configuring the Use of SSL on the AS Java
- There is a attachment "Create key pair steps.doc" in this KBA.
After that 2 entry should been generated:
5. Sign it by CA
- Clicking "Cenerate CSR Request" to download the entey.
- Send the request file to CA vendor.
- Import the CA response file by "Import CSR Response" or "Import Entry"
Please also refer to the screenshot in attachment Create key pair steps.doc.