on 08-20-2015 9:55 AM
Hi,
We have developed a Web portal application for a Bank.
In this application, anyone (within the bank as well as outside the bank) can register their personal and professional information.
This information is entered via the Webdynpro ABAP portal created by us and stored in SAP SRM server.
An Audit took place in the bank and following was a major concern:
Vulnerability : Non-SSL Form
Since the application can be accessed from outside the banking network,
data such as the authentication information (Username , email, password,) is sensitive.
Solution suggested:
Use Bank external Authority Certificate to secure the exchange of data between Client browser and server.
My questions:
1) How do we implement this in application ? Should the certificate be installed on SRM Server ?
2) Will this certificate be given by the bank ?
3) How will the certificate reach client browser ? Do we need to write abap code to send the certificate file to client browser folders
like Google Chrome, Mozilla and Internet Explorer etc. ?
Hi,
You can check here how to setup SSL on application server and web dispatcher:
Configuring the AS ABAP for Supporting SSL - Network and Transport Layer Security - SAP Library
Configuring SAP Web Dispatcher to Support SSL - SAP Web Dispatcher - SAP Library
Best regards,
Gabor
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.