Tuesday, 25 October 2016

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

Out of the box, my HANA Web Dispatcher comes with a self-signed SSL certificate, which makes its connections insecure:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates
Checking the certificate details confirms that it is self-signed:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

Logging into the HANA Web Dispatcher confirms this further:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

If you had read my previous blogs about Enabling on premise Fiori SSO with OpenSSL certificates or Secure your HANA Cloud Connector with OpenSSL certificates the following procedure will be familiar to you, despite some slight HANA Web Dispatcher variations. Please refer to these two blogs for any detailed steps not repeated here.

First I create a CA request:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

And import this into my CA:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

To be signed:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

And exported:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

Then I import the CA response together with the CA certificate back into the HANA Web Dispatcher:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

Which is acknowledged with a success message. Also the Issuer is now shown as my CA:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

With this my HANA Web Dispatcher connection is secure:

SAP HANA Certifications

As my HANA Web Dispatcher certificate is now being trusted since issued by a trustworthy CA:

Enable TLS on HANA Web Dispatcher with OpenSSL certificates

Source: scn.sap.com

1 comment: