SAP Web dispatcher installation & SSL certificates installation by managing PSE file

By | November 4, 2018

Here, in this Article will guide you the all possibilities to install SSL certificates in SAP web dispatcher for Fiori. Also give tips for profile parameters. To complete the entire process, we need to coordinate with CA authorities for the same.

Main Agenda :

  • Prerequisites
  • Web dispatcher installation guide lines
  • Profile parameters settings
  • CSR creation
  • Verification of SSL certificates
  • Import steps

 Prerequisites :

  • Server Windows or Linux with Installation DVD’s & SWPM. For more details check in PAM.
  • Static/Public IP.
  • Registered domain or any sub domain.
  • SSL Certificates against the CSR.

Installation Process :

  • Before start the installation, Please make sure that host entry exist with host name and fully qualified domain.
  • Then start installation by executing software provision manager & complete it.
  • From version 720 on wards, the Web dispatcher Administration page is available.
  • So, you can directly access the Admin page by using the below URL.
    http://<host name>:443<nn>/sap/wdisp/admin/public/default.html
    Here, <nn> is web dispatcher instance number.
  • Also you need to provide the credentials for the same.
    • User name : webadm
    • Password : Master password
  • Then resp admin page will appear.

    CSR Creation process :

  • Once get into the admin page,  go to PSE management & select the SAPSSLS.pse file.
  • After that recreate the PSE file with your registered CN=sap.company.com (domain).
  • Now create a new CA response. Which is nothing but CSR certificate.
  • Then provide the same to CA authorities for SSL certificates with digital signature.

    Verification of SSL Certificates :

  • Once your received below the SSL Certificates from CA authorities, please cross verify the CA intermediate cert’s from SSL providers portal.
    • COMODORSAAddTrustCA.crt
    • COMODORSADomainValidationSecureServerCA.crt
    • AddTrustExternalCARoot.crt
    • PositiveSSL.crt (For domain)

Import Process :

  • Finally, you need to import the all certificate’s in the below order from “Import CA Response” option.
    ————BEGIN CERTIFICATE—————-
    Intermediate 1
    ————–END CERTIFICATE—————–
    ————BEGIN CERTIFICATE—————-
    Intermediate 2
    ————–END CERTIFICATE—————–
    ————BEGIN CERTIFICATE—————-
    Root CA
    ————–END CERTIFICATE—————–
    ————BEGIN CERTIFICATE—————-
    PositiveSSL
    ————–END CERTIFICATE—————–
  • That’s it. Check your domain with respective port. If it is not working, then wait some time & restart the Web dispatcher.

 

Thanks!

“If you like this Article, hit me with Facebook like button & share to your friends. If you have any doubts, please let me know as a comment as below”

Leave a Reply

Your email address will not be published.