Re: how to enable HTTPS service for SAP MII12.1?

Hi Nikhil,

  You are welcome. So if I understand your query correctly, the HTTPS configuration is already done in SAP MNC's ICM . You have installed the libraries too. Now all you need to do is install the certificates.

Here's how I did it for my machine.

Point of reference: Configuring the SSL Key Pair and Trusted X.509 Certificates - Network and Transport Layer Securit...

Create a new certificate::

1.  Go to Certificates and Keys sections in NWA (NWA -> Configuration Management -> Security -> Certificates and Keys) and select the “ICM_SSL_<instance_id>” keystore view. Remove the ssl-credentials and ssl-credentials-cert from the “Key Storage View Details” section.

2.Now, click "Create". On the first page of the wizard enter your fully qualified hostname as the "Entry Name". The fully qualified hostname depends on whether your CPU has a static or dynamic IP address. For example, in case of static IP address, it is something like <machine_name>.ind.abc,corp, for dynamic IP it looks like <machine_name>.dhcp.ind.abc.corp. Select the “Store Certificate” checkbox and leave everything else as it is. Click “Next”

3.Repeat your fully qualified hostname as the commonName and mention you country shortname in countryName. Leave everything else as it is and click “Finish”.

You will see two entries as <your fully qualified hostname> and <your fully qualified hostname>-cert in the “Key Storage View Details” section.

Now we would have to sign the certificate::

Point of reference :: the above link and Sending the Certificate Requests to a CA (SAP Library - SAP NetWeaver by Key Capability)

1. Select <your fully qualified hostname> entry and click “Generate CSR Request”.

2. In the popup window, select File Type as “Base64 PKCS#10” and click the “Download” link.

3. Save the <your fully qualified hostname>.pem file on your machine. Open it in notepad and copy all the content.

4. depending upon the CA you choose/have you would send/paste the data there. (Step 2 of above link)

5.download/copy paste the response to you file systm . keep the extension as cert.

6.Go back Certificates and Keys window in NWA and select <your fully qualified hostname> entry from the “Key Storage View Details” and click “Import CSR Response”.

   Import Order:: 1. newly created .cer fle 2. Root certificate SAP Trust Center Service - Root Certificates

Restart the server. check for issues. follow Testing the SSL Connection - Network and Transport Layer Security - SAP Library

Hope it helps

Regarrds,

Tufale Ashai