Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
cris_hansen
Advisor
Advisor

This is the sequel of my first blog, presenting a new UI interface available for SAP Web Dispatcher.


1. Prerequisites

In order to use the PSE Management in Web Administration Interface of SAP Web Dispatcher, it necessary to use version 7.42 of the load balancer, as of patch level 22.

It is necessary that the user ID used for the administration has Admin rights (set the "admin" group while creating the user ID):

2. Initial view

By starting the Web Dispatcher Administration page, the left hand menu presents the PSE Management link:



If the PSEs are already created in the $SECUDIR directory, the following screen is displayed:



In the example above, note that there is one certificate in the PKList.


By clicking in the "Recreate PSE" button, the PSE will be recreated, thus you can use one algorithm from the SHA-2 family.


3. Recreating the PSE

The Distinguished Name needs to be informed, using in the Common Name the FQDN of the Web Dispatcher.


In the Algorithm dropdown box, it is possible select the SHA-2 algorithm:



It is also possible to select the key length (usually higher than 1024 bits, as CAs are no longer signing CSRs with 1024 bits) and a PIN.


Since this is a new PSE, it is necessary to create a CSR and submit to a CA, once it current PSE has a self-signed certificate (validity until 2038):



It is also necessary to import additional certificates, as the PKList is now empty.


After creating the CSR, it is possible to read its content (using a third party tool) and see:

"...

Certificate Request:

    Data:

        Version: 0 (0x0)

        Subject: CN=

        Subject Public Key Info:

            Public Key Algorithm: rsaEncryption

                Public-Key: (4096 bit)

                Modulus:

...

                Exponent: 65537 (0x10001)

        Attributes:

            a0:00

    Signature Algorithm: sha256WithRSAEncryption

..."

The Signature Algorithm shows the use of sha256, as selected during the PSE creation.

4. Reference Documents

4 Comments