{"id":765,"date":"2021-01-28T15:56:30","date_gmt":"2021-01-28T10:26:30","guid":{"rendered":"https:\/\/adilfahim.com\/myblog\/?p=765"},"modified":"2024-02-27T19:09:08","modified_gmt":"2024-02-27T13:39:08","slug":"ssl-certificate-implementation-or-renewal-in-web-dispatcher","status":"publish","type":"post","link":"https:\/\/adilfahim.com\/myblog\/ssl-certificate-implementation-or-renewal-in-web-dispatcher\/","title":{"rendered":"SSL Certificate Implementation or Renewal in Web Dispatcher"},"content":{"rendered":"<p>Hello All,<\/p>\n<p>As per SAP best practice, if we are configuring our SAP systems to access from Internet or from External Network via SAP Web Dispatcher, we should implement SSL\/HTTPS certificate to secure our web dispatcher &#038; internal network.<\/p>\n<p>All traffic from outside will only process via SSL layer &#038; provide security to our SAP systems as well.<\/p>\n<p>For Implementing or Renewing the existing SSL\/HTTPS certificate, You need to purchase the same from any Third Party (i.e. &#8211; Go Daddy).<\/p>\n<p>They will provide you SSL certificate in different formats &#8211; i.e. &#8211; pfx or crt<\/p>\n<p>CRT file can directly import in SAP ABAP or JAVA system (STRUSTSSO2), make sure to enable https protocol on that respective system.<\/p>\n<p><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-2940668913820069\"\n     crossorigin=\"anonymous\"><\/script><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-layout=\"in-article\"\n     data-ad-format=\"fluid\"\n     data-ad-client=\"ca-pub-2940668913820069\"\n     data-ad-slot=\"2902677462\"><\/ins><br \/>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p>For Web Dispatcher, we requires PSE file &#038; PSE file can be generate via provided PFX file by following below steps &#8211; <\/p>\n<p><strong>Pre-requisites &#8211; web dispatcher should be in running state with HTTPS protocol enabled.<\/strong><\/p>\n<p>1. Get PFX certificate from Vendor (i.e. &#8211; Go Daddy) with password.<\/p>\n<p>2. Copy the PFX certificate to any directory in Web Dispatcher<\/p>\n<p>Run the following commands to generate the PFX file from the same directory &#8211;  <\/p>\n<p><strong>#sapgenpse import_p12 -p \/usr\/sap\/SID\/W00\/sec\/DIR NAME\/SSL.pse \/usr\/sap\/SID\/W00\/sec\/DIR NAME\/SSL_Godaddy.pfx <\/strong>   &#8230;Press Enter..<\/p>\n<p>enter the encrypted password shared by Vendor<\/p>\n<p>Please enter PSE PIN\/Passphrase: BLANK<\/p>\n<p><strong>#sapgenpse seclogin -p \/usr\/sap\/SID\/W00\/sec\/DIR NAME\/SSL.pse -x password by vendor -O sidadm<\/strong>            ..Press Enter..<\/p>\n<p>Now SSL.pse has been generated in the same directory from here you trigger the commands.<\/p>\n<p>Maintain the below profile parameters &#038; Restart the Web Dispatcher &#8211; <\/p>\n<p>SSL_ENCRYPT = 1<br \/>\nssl\/ssl_lib = kernel dir\/libsapcrypto.so<br \/>\nssl\/server_pse = \/usr\/sap\/SID\/W00\/sec\/DIR NAME\/SSL.pse<\/p>\n<p>Also maintain the CIPHERSUITE parameters &#038; other SSL parameters as per your requirement.<\/p>\n<p><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-2940668913820069\"\n     crossorigin=\"anonymous\"><\/script><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-layout=\"in-article\"\n     data-ad-format=\"fluid\"\n     data-ad-client=\"ca-pub-2940668913820069\"\n     data-ad-slot=\"2902677462\"><\/ins><br \/>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hello All, As per SAP best practice, if we are configuring our SAP systems to access from Internet or from External Network via SAP Web Dispatcher, we should implement SSL\/HTTPS certificate to secure our web dispatcher &#038; internal network. All traffic from outside will only process via SSL layer &#038; provide security to our SAP [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[8],"tags":[676,673,674,518,675,513,672,677,514],"class_list":["post-765","post","type-post","status-publish","format-standard","hentry","category-sap-updates","tag-libsapcrypto-so","tag-pfx","tag-pse","tag-sapgenpse","tag-seclogin","tag-ssl","tag-ssl_encrypt","tag-ssl-server_pse","tag-web-dispatcher"],"_links":{"self":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts\/765","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/comments?post=765"}],"version-history":[{"count":5,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts\/765\/revisions"}],"predecessor-version":[{"id":889,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/posts\/765\/revisions\/889"}],"wp:attachment":[{"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/media?parent=765"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/categories?post=765"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adilfahim.com\/myblog\/wp-json\/wp\/v2\/tags?post=765"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}