Problem :
HTTPS Protocol need to be enable for non-production landscape, to avoid SSL certificate error on browser.
Solution:
We can create and apply self signed certificate for non-production SAP System. We will be using OPENSSL command line tool that has been used to generate Private key , CSRs , root certificate and self-signed certificate.
To download the OPEN SSL tool https://www.openssl.org/
1. Generate the key pair of rsa algorithm with key length 2048 .
cmd > openssl genrsa -out key-pair.key 2048
2. Create certificate signing request and fill the required details like Country, State, Common Name.
cmd > openssl req -new -key key-pair.key -out certificate.csr
3. Now create Root CA certificate for self-signed certificate
cmd > openssl req -x509 -new -nodes -key key-pair.key -sha256 -days 350 -out myCA.pem
4. Now create a self signed certificate
cmd> openssl x509 -req -days 3650 -in certificate.csr -CA myCA.pem -CAkey key-pair.key -CAcreateserial -out server-cert.crt
5. Now converted the created certificate in PKCS12# format and provide your password.
cmd> openssl pkcs12 -export -out server-cert.pfx -inkey key-pair.key -in server-cert.crt
Now import server-cert.pfx into the system through STRUST (ABAP) or into Certificate and Key Storage (JAVA)
Also this server-cert.pfx can be converted into *.pse and it can also be imported directly into system.
If you are still getting the certificate error after calling the URL on HTTPS
Then import Root certificate in Trusted root Certification Authority and PKCS12 certificate in Personal of Certification Manager.
Optional :
cmd> openssl rsa -in key-pair.key -pubout -out key-pair-public.key
No comments:
Post a Comment