Skip to main content

Configuring SSL for SAP Host Agent on UNIX



Context

In the following procedure we assume that you are using the default naming for the server PSE. If you want to override the default .pse name, you can use the following value in the profile file of SAP Host Agent ( host_profile):
ssl/server_pse= <Path to Server PSE>


1. Prepare the Personal Security Environment (PSE) for the server:

The server PSE contains the server certificate that is presented to the client when establishing the SSL connection, and the names and public keys of the trusted certificates. Trusted certificates can be either certificates issued by a Certification Authority (CA) or individually trusted certificates.

2. Restart SAP Host Agent.

3. Prepare the Personal Security Environment (PSE) for the client:

The client PSE contains the client certificate that is sent to SAP Host Agent when the SSL connection is established, and the names and public keys of the trusted certificates from CA.

The configuration steps are client-specific, that is why we only describe them in a generic way. Follow the instructions in the specific client documentation.

Examples for possible clients are the SAP Management Console (SAP MC), the SAP Solution Manager Diagnostics Agent, or the SAP Landscape Virtualization Management (LVM) software (formerly known as Adaptive Computing Controller (ACC)).

Link for better understanding : 

https://help.sap.com/doc/PRODUCTION/saphelp_nw74/7.4.16/en-US/8d/12f7b9244b44219bd14d619d3a2123/content.htm?no_cache=true

If there is no certificate in the SAP Host Agent security directory, the SAP HANA database lifecycle manager generates one. The SAP HANA host name is used as the default certificate owner. The certificate owner can be changed by using the call option --certificates_hostmap

To enable secure communication with the SAP Host Agent over HTTPS, the SAP Host Agent needs a secure sockets layer (SSL) certificate in its security directory. This certificate is also used by the SAP HANA database lifecycle manager (HDBLCM) Web-based user interface and the SAP HANA cockpit for offline administration because the Web pages are served by the SAP Host Agent




Labels:

Comments

Post a Comment

You might find these interesting

8 Must-Know Questions About Object Store on SAP Business Technology Platform

What is the problem that Object Store solves ? Modern enterprise systems increasingly deal with massive volumes of unstructured data such as documents, logs, media files, and backups. Traditional relational databases are not optimized for such workloads. What is Object Store ? Object storage—commonly referred to as blob storage—addresses this gap by providing scalable, durable, and cost-efficient storage for unstructured data. Object storage is a storage architecture designed to manage unstructured data as discrete units called objects.  Each object consists of: Binary data (file content) : Image , File etc Metadata (descriptive attributes) : File size, Content type, Last modified timestamp, Storage class (hot, cool, archive) Unique identifier (key or URL) : unique path-like string used to locate a blob inside a bucket Unlike file systems or relational databases, object storage does not rely on hierarchical file structures or schemas. The SAP BTP Object Store service is a managed, ...
Post a Comment
Read more