Help with Apache Reverse Proxy configuration with SAP Portal and SAP Webgui
Dear Experts,
I have an issue configuring Apache to work with SAP Portal and ERP webgui. Accessing Portal through Reverse Proxy is working fine. But the problem arises when we try to open an iView ERP webgui transaction page from Portal with the Reverse Proxy. Have anyone implemented similar requirements and could advice on the configuration required on the Apache side? Thank you
hi,
pls check the below links for reference:
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/24396589-0a01-0010-3c8c-ab2e3acf6fe2
searchsap.techtarget.com/searchSAP/downloads/chapter-december.pdf
1)Learn to implement the reverse proxy filter and portal gateway in SAP Enterprise Portal 6.0 on Web Application Server 6.40.
https:/.../irj/sdn/nw-portalandcollaboration?rid=/webcontent/uuid/006efe7b-1b73-2910-c4ae-f45aa408da5b
.2 )Configuring the Portal for Your Reverse Proxy Filter Solution . ... This document describes the reverse proxy filter mechanism in SAP Enterprise ...
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/32ad9b90-0201-0010-3c8a-c900cd685f8f
3)have full reverse proxy functionality. Possibly. filter. requests. Internet ... Reverse proxy (optionally with authentication etc.) ...
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/c066c390-0201-0010-3cba-cd42dfbcc8be
Note:please reward points if solution found helpfull
Regards
Chandrakanth.k
Similar Messages
-
Problem with Apache reverse proxy after applying SP13 NW
Hello,
we have a NW04 EP Portal and a Apache reverse proxy in the DMZ. After applying SP 13 for the portal we get the following error from the reverse proxy:
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /irj/.
Reason: Error reading from remote server
Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7e Server at servername.company.de Port 443
Is is it possible, that there is a problem with sp13?
Best regards
Daniel HolsteinHi Daniel,
ok I`ll try to find a solution in parallel and keep you up to date.
In the following my settings in case I missed something:
<VirtualHost test.firma.de:443>
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /apache/keys/pac_ssl_qep_dmz_server.crt
SSLCertificateKeyFile /apache/keys/pac_ssl_qep_dmz_server.key
ServerName test.firma.de:443
ServerAdmin [email protected]
LogLevel debug
ErrorLog logs/ssl_443_error
CustomLog logs/ssl_443_access_log common
ProxyVia Off
ProxyPreserveHost On
ReWriteEngine on
ReWriteLogLevel 0
ReWriteLog logs//ssl_443_rewrite_http.log
ProxyPass / https://backend.firma.de:50001/
ProxyPassReverse / https://backend.firma.de:50001/
</VirtualHost>
Regards, Jens -
Printing Issue from ITS with a Reverse Proxy Configured
Hi experts,
We have an enterprise portal landscape which can be accessed from the internet. The URLs are mapped using apache server as a reverse proxy. Also, we have configured the reverse proxy settings for accessing R/3 systems.
When the users try to take the print out from the ITS Web GUI accessed through the enterprise portal, the page redirects itself to an only internally resolvable host name of the R/3 ITS.
Due to this issue, users are not able to take prints from internet.
I would like to know if there is any way by which i can change this to my externally resolvable reverse proxy host address, which in turn can be mapped internally to the original host name at the reverse proxy level.
Can any one help me out in this?
Thanks a lot
ShobinHi Shobin,
SAP note 1145306 might provide some help about directives to be used.
Regards,
Dieter -
Hi
I have installed Apache Reverse Proxy to access my Portal and ECC6.
In the httpd config file , i have done the following settings.
<VirtualHost ipaddress:port>
ProxyPreserveHost On
ProxyPass /irj/ http://portalserver:50000/irj/
ProxyPassReverse /irj/ http://portalserver:50000/irj/
ProxyPass /eccdev/ http://eccserver:8000/eccdev/
ProxyPassReverse /eccdev/ http://eccserver:8000/eccdev/
</VirtualHost>
eccdev is external alias for the path
/sap/bc/gui/sap/its/webgui/
With this setting when i when a request is made for eccdev/
it takes me to the ecc6 login page.
when i enter the required information , it just clears the username password fields.
i checked that the username password are correctly entered.
what is the problem ?
Regards
RajendraHi Darren ,
Thanks for the reply.
Our SSO between Portal and ECC6 works fine without Reverse Proxy.
If we access the Portal Through Reverse Proxy , when we navigate to any iViews say BSP iView , it asks for Username password. Once provided it works fine.
Second Scenario is Using Reverse Proxy to Directly access
SAP GUI . i.e without using Portal.
If i do not use Reverse Proxy , i can access my ECC6 webgui
through browser after providing the Login Details, but if i use Reverse Proxy then Even after providing the Login Details ,
the LogOn Box does not go and keeps asking for login details.
To summarize , i just want to acess the SAP GUI from Browser
using Reverse Proxy . I am able to do it without reverse Proxy .
Can you help ? -
Reverse Proxy Configuration - Apache as an SSL reverse-proxy
Hi,
We have EP 6.0 SP 14 installed with SSL configured.
We are in need to open the application to internet.
For the same we have set up a reverse proxy server (Apache as SSL
Reverse Proxy).
Our requirement is to open the application to the internet with
web address https://abc.domain.com.
The issue is we are able to access the application from internet only when
https://abc.domain.com/irj/potal is typed.
(ie.) Mapping is working fine for
https://abc.domain.com/irj/portal to
our EP Portal address https://abc2.domain.com:50001/irj/portal
And not working for mapping https://abc.domain.com to our EP Portal
address https://abc2.domain.com:50001/irj/portal
We have been working on to resolve this issue for days together but have been really unsuccessful
Kindly help us in resolving the same asap.
Note : The references we used are:
1. SAP's document:
"Apache Reverse Proxy Configuration for J2ee 6.20 and 6.40 Web Applications"
2. Weblogs:
The Reverse Proxy Series -- Part 1: Introduction
The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
The Reverse Proxy Series -- Part 3.1: Apache as an SSL reverse-proxy
Regards,
venkat.Thanks much for the feedback. We're using the default settings on the HTTP rule we have set up for the portal on the ISA server. We'll be looking into the details of what the default rule settings are, however we did find a note in the Microsoft Knowledge base detailing with the ISA server screening high bits in URL strings for Outlook Web Access (OWA). This generates a similar error message. Here is the link to the detailed note on the Microsoft web site:
http://support.microsoft.com/?scid=kb;en-us;837865
Also,we are going to be applying the SP1 upgrade to the ISA server (released in March) to see if this might be some type of issue that may have been identified and corrected by the service pack. We'll see what happens with that.
One area where we can recreate the problem at will is when we set up the system landscape configuration. We can navigate to a system configuration object, however when we attempt to right click to edit the object we get the error. There are other circumstances where we get errors but that is one that occurs for sure. Anyone have any idea as to what might be special about that type of transaction??
Thanks again.
Rich -
SAP Webdispatcher - Reverse Proxy Configuration
Hi All,
Need your help in configuration SAP Webdispatcher as reverse proxy. Currently we are using Apache as reverse proxy, but we are facing 400 Bad Request error and not able to solve the issue.
So We are planning to install Webdispatcher and configure reverse proxy and test.
Below is the Apache Reverse proxy configuration. Need help in configuring the same parameters in SAP Webdispatcher
ProxyPass /sap http://srmerver:8000/sap
ProxyPass /SRM-MDM http://mdmserver:50100/SRM-MDM
ProxyPass /mdmimages http://portalserver:8090/mdmimages
ProxyPass /irj http://portalserver:50100/irj
ProxyPass /saml2 http://portalserver:50100/saml2
ProxyPass / http://portalserver:50100/
ProxyPassReverse /sap http://srmserver:8000/sap
ProxyPassReverse /SRM-MDM http://mdmserver:50100/SRM-MDM
ProxyPassReverse /mdmimages http://portalserver:8090/mdmimages
ProxyPassReverse /irj http://portalserver:50100/irj
ProxyPassReverse /saml2 http://portalserver:50100/saml2
ProxyPassReverse / http://portalserver:50100/
Regards
PonnusamyHi
Kindly refer the SCN link
How to...Configure SAP Webdispatcher as a reverse proxy
http://basisondemand.com/Documents/Whitepaper_on_SAP_Web_Dispatcher.pdf
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a015cea3-9627-2e10-a792-8f39e3d0b59d?QuickLink=index&…
Regards
Sriram -
Apache Reverse Proxy: Domain problem
Hi,
I have a problem with Apache Reverse Proxy (Apache 2.2) and SAP Enterprise Portal 6.0.
I configured Apache as a Reverse Proxy Server (with SSL)so that the portal is accessible through the internet. Everything is working fine but the OWA integration doesn't work over the Reverse Proxy.
If I log on to <u>http://portalsrv.mydomain.xx:12345/irj</u> the OWA integration works fine with SSO and there is no problem with session management.
If I log on to <u>https://revproxy.mydomain.zz:1234/irj</u> and want to open Outlook I get the message that Session management doesn't work. However the other components like ESS work fine. Deactivating the DSM Logger is not a solution to this problem.
The Log tells me:
1.
Application domain 'mydomain.xx' differs from Portal domain 'mydomain.zz'.
Session Management will not work for Application 'abc.mydomain.xx'
2.
Application schema 'http' differs from Portal schema 'https'.
Session Management will not work for Application 'abc.mydomain.xx'
Is there a possibility to write a Rewrite-Rule in the Apache-Conf?
For instance:
https://abc.mydomain.xx --> http://abc.mydomain.zz
Does anybody made such a rule?
I hope anybody can help me with the problem.
Thank youHi Daniel,
ok I`ll try to find a solution in parallel and keep you up to date.
In the following my settings in case I missed something:
<VirtualHost test.firma.de:443>
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /apache/keys/pac_ssl_qep_dmz_server.crt
SSLCertificateKeyFile /apache/keys/pac_ssl_qep_dmz_server.key
ServerName test.firma.de:443
ServerAdmin [email protected]
LogLevel debug
ErrorLog logs/ssl_443_error
CustomLog logs/ssl_443_access_log common
ProxyVia Off
ProxyPreserveHost On
ReWriteEngine on
ReWriteLogLevel 0
ReWriteLog logs//ssl_443_rewrite_http.log
ProxyPass / https://backend.firma.de:50001/
ProxyPassReverse / https://backend.firma.de:50001/
</VirtualHost>
Regards, Jens -
Apache Reverse Proxy with Abap Web query
Hi to all
We are trying to configure apache 2 to work as a reverse proxy with web abap Netweaver installation.
From inside the network the web query is fine.
Running the query with the reverse proxy we have only the html code in the browser. All the scripts and css are not present.
We checked some messages inside the forum and we have tried a lot of stuff without success.
We use always linux (Fedora, Ubuntu with xampp or apache only) plus the html module or the publisher from http://apache.webthing.com.
Our installation is like this the reverse proxy in the dmz and the netweaver to the inside off coarse, and we don't have the same domain name, i don't know if this is important.
Any help/idea is valuable.
Thank you
YiannisHi Olivier
I have seen your solution in other messages but i didn't try it because i was trying to work with the html_proxy module.
I read the documents you gave me plus some apache tutorials on the rewrite rule.
In any case i have my installation working now.
I did some extra changes in my config so now the rules are like that
ProxyVia On
ProxyBadHeader IsError
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /sap http://192.168.1.59:8001/sap
ProxyPassReverse /sap http://192.168.1.59:8001/sap
RewriteEngine On
RewriteRule ^/(sap\(.*) http://192.168.1.59:8001/$1 [P,L]
Thanks again for your help
Yiannis -
Hi,
I'm trying to install Apache Reverse proxy which will support both HTTP and HTTPS request.
<b>What do I need to activate to support the HTTPS requests?</b>
I installed Apache 2.0.53 Released and trying to activate the mod_ssl.
From Where can I get the mod_ssl.so?
I saw that there are 2 projects:
Apache Interface to OpenSSL (mod_ssl)
Apache-SSL
Do I need to use them in case I want to use HTTPs?
Regards,
YaelGet the latest oppenssl compile it. before you compile apache, execute ./configure --help in the apache directory. It will give you the commands that you need to use to activate and deactivate various things in apache.
mine is as follows:
./configure --with-layout=GNU --enable-proxy --enable-ssl --with-ssl=/usr/lo
cal/src/apachessl/openssl-0.9.7f/ --enable-vhost-alias --enable-rewrite --enable
-so --enable-proxy-http --enable-proxy-connect --enable- headers
then make and make install.
hope it helps.
Jai -
Could you please let me know how SharePoint HNSC can be configured with a reverse proxy server so that HNSC Share Point URLs are not exposed to end users.
In normal path based site collections/web applications, reverse proxy configuration can be done using alternate access mappings with Public URL = "proxy URL", internal = "HNSC Share Point URL" so that share point sends response back
to Public URL = "proxy URL".
In Host Named Site Collections, alternate access mappings are not supported. Each HNSC is designed to have only one URL in each zone. Zone is one of the five zones(Default,Intranet,Internet,Custom,Extranet) with each of which only one alternate
URL is associated. This is what we are able to get using power shell command "Set-SPSiteUrl", but this will not help us to get the response back to proxy URL after a request sent to share point because we could not find any mechanism in share
point HNSC to respond to a different URL(proxy URL). Consequently, Share Point URLs are exposed to external users.
Below share point article in MSDN blog is symmetrical to what we are observing with Share Point 2013 and Proxy Server. It mentions that internal HNSC URLs can’t be hidden using any proxy server. If hiding the internal Share Point URLS is a requirement,
it suggests to use a web application instead of host named site collections.
Though I’m also observing the same behavior with Share Point 2013 HNSC, Could you please confirm my understanding is correct.
http://blogs.msdn.com/b/kaevans/archive/2012/03/27/what-every-sharepoint-admin-needs-to-know-about-host-named-site-collections.aspx
Excerpt from above article-
"Host Named Site Collections Only Use One Host Name
Continuing on the discussion on AAMs and host named site collections, you cannot use multiple host names to address a site collection in SharePoint 2010. Because host-named site collections have a single URL, they do not support alternate access mappings and
are always considered to be in the Default zone. This is important if you are using a reverse proxy to provide access to external users. Products like Unified Access Gateway 2010 allow external users to authenticate to your gateway and access a site
as http://uag.sharepoint.com and forward the call to http://portal.sharepoint.com. Remember that URL rewriting is not permitted. Further, a site collection can only respond to one host name. This means if you are using a reverse proxy, it must forward the
calls to the same URL. If your networking team has a policy against exposing internal URLs externally, you must instead use web applications and extend the web application using an alternate access mapping."<u5:p></u5:p>Hi Satish,
You are right that only one URL is allowed for each zone of the host-name site collections in both SharePoint 2010 and SharePoint 2013.
It is by design that each host-name site collection only support one URL for each zone.
The article below is about RTM version of SharePoint, and it is the same for SharePoint 2013 with the latest CU.
https://support.microsoft.com/en-us/kb/2826457
So to make the URL of HNSC not exposed to external users is not supported, you need to use path-based sites instead.
Best regards.
Thanks
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected] -
Configuring a Apache Reverse Proxy for OracleAS Portal and OracleAS Single
I'm trying to implement my Oracle Portal 10g Release 2 with a reverse proxy (Apache 2.2) as described in this link: http://download.oracle.com/docs/cd/B14099_19/core.1012/b13998/variants.htm#BEIFECEH without success. I have Oracle Portal, Oracle SSO,OID in the same domain and Apache Reverse Proxy in another domain. Has anyone had success using OracleAS Portal with a reverse proxy?
First of all i'm trying to configure a reverse proxy only for Ora SSO (infra tier). Here is what i already do:
APACHE REVERSE PROXY (Apache 2.2)
http:/proxy.mycompany.com:80
ProxyRequests off
ProxyPassInterpolateEnv On
ProxyPass / http:/portal.tech.everett.it:7777/
ProxyPassReverse / http:/portal.tech.everett.it:7777/
ProxyPreserveHost On
ORACLE SSO
http:/portal.mycompany.com:7777
Here are the steps i already do:
1- CONFIG OID
create an ldif file called setdasurl.ldif and insert as follow:
dn:cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
changetype: modify
replace: orcldasurlbase
orcldasurlbase: http:/proxy.mycompany.com/
then do ldapmodify as follow:
ldapmodify -x -h portal.mycompany.com -p 3060 -D "cn=orcladmin" -w password1 -v -f setdasurl.ldif
2- CONFIG ORA SSO (as gentjan user)
export ORACLE_HOME=/home/gentjan/product/10.1.2/OracleAS/infra/
2.1-config Apache config of ORA SSO
vi $ORACLE_HOME/Apache/Apache/conf/httpd.conf
change from:
ServerName portal.mycompany.com
Port 7777
KeepAlive On
to:
ServerName proxy.mycompany.com
Port 80
KeepAlive Off
and add at the end of httpd.conf
RewriteEngine On
RewriteOptions inherit
2.2- update DCM Repository (as root)
*$ORACLE_HOME/dcm/bin/dcmctl updateconfig -ct HTTP_Server -v -d*
2.3- modify SSO Server Home URL to reverse proxy hostname and port (as root)
*$ORACLE_HOME/sso/bin/ssocfg.sh http proxy.mycompany.com 80*
2.4- Updating the targets.xml File
Open the ORACLE_HOME/sysman/emd/targets.xml file and locate the target type oracle_sso_server.
vi $ORACLE_HOME/sysman/emd/targets.xml
Update the HTTPMachine and HTTPPort attributes with the proxy server host and port attributes that were passed to ssocfg. For example:
Property NAME="HTTPMachine" VALUE="proxy.mycompany.com"
Property NAME="HTTPPort" VALUE="80"
Property NAME="HTTPProtocol" VALUE="http"
Save and close the file.
Reload the Application Server Control Console by issuing this command (as gentjan):
*$ORACLE_HOME/bin/emctl reload*
2.5- Re-register mod_osso on SSO Middle-tier with reverse proxy hostname and port
some needed permissions
chmod -R 775 /home/gentjan/product/10.1.2/OracleAS/infra/dcm/
Re-register mod_osso (as gentjan)
*$ORACLE_HOME/sso/bin/ssoreg.sh -oracle_home_path /home/gentjan/product/10.1.2/OracleAS/infra -site_name infra.proxy.mycompany.com -config_mod_osso TRUE -mod_osso_url http:/proxy.mycompany.com:80 -update_mode MODIFY*
2.6- update DCM Repository (as root)
*$ORACLE_HOME/dcm/bin/dcmctl updateconfig -ct HTTP_Server -v -d*
2.7- Restart OC4J_Security and Oracle HTTP Server at Infrastructure tier
*$ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=HTTP_Server*
*$ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=OC4J_SECURITY*
After this modifications my reverse proxy is ok.
I can access to http:/proxy.mycompany.com:80 and this redirect me to Oracle Application Server Welcome page.
If i try http:/proxy.mycompany.com/pls/orasso/orasso.home, i can view the SSO Server Home page.
The problem that i find is when i click to Login page for Oracle SSO.
I have the following error:
Forbidden You don't have permission to access /pls/orasso/ORASSO.wwsec_app_priv.login on this server.
So, in other words i can't do the login/logout under reverse proxy. Anyone can help?
Gentjan -
Reverse Proxy Configuration Help
I am running OFM 11.1.1.6.
Web Cache is running on port 8888.
Portal's OHS (the WebCache origin server) is running on 7777.
Reports' OHS (for /reports/rwservlet) is running on 8890.
Non-Oracle Apache 2.2 is running as a reverse SSL proxy for Portal on port 443.
I want to configure this reverse proxy so that it appears to the end user that the reports server is also running in HTTPS on port 443, instead of on port 8890. Can anyone please give me a tip on how to set this up?
In my httpd.conf for my Apache reverse proxy server, I have this within my main SSL virtual host:
ProxyPassReverse / http://hostname:8888/
ProxyPreserveHost On
RewriteEngine On
RewriteRule ^/(.*) http://hostname:8888/$1 [P]Do I need to add an additional virtual host for the proxy to the reports server? Or can I include it in this same virtual host? I've tried the following, but couldn't get it to work:
ProxyPassReverse /reports/rwservlet/ http://hostname:8890/reports/rwservlet/
ProxyPassReverse / http://hostname:8888/
ProxyPreserveHost On
RewriteEngine On
RewriteRule ^/reports/rwservlet/(.*) http://hostname:8890/reports/rwservlet/$1 [P]
RewriteRule ^/(.*) http://hostname:8888/$1 [P]Any guidance is appreciated.In case anyone finds this, this is how I got it all working:
In httpd.conf for the Apache reverse proxy:
ProxyPreserveHost On
RewriteEngine On
RewriteRule ^/reports/(.*) http://hostname:8890/reports/$1 [P]
ProxyPassReverse /reports http://hostname:8890/reports
RewriteRule ^/(.*) http://hostname:8888/$1 [P]
ProxyPassReverse / http://hostname:8888/In the Portal OHS's httpd.conf:
NameVirtualHost *:7777
<VirtualHost *:7777>
ServerName https://hostname
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
OssoConfigFile E:/ora11/product/portal_instance/config/OHS/ohs1/osso/osso_ssl.conf
OssoIpCheck off
OssoSecureCookies off
OssoIdleTimeout off
</VirtualHost>In the reports server's httpd.conf:
NameVirtualHost *:8890
<VirtualHost *:8890>
ServerName https://hostname
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
OssoConfigFile E:/ora11/product/reports_instance/config/OHS/ohs1/osso.conf
OssoIpCheck off
OssoSecureCookies off
OssoIdleTimeout off
</VirtualHost>You can use the same osso.conf for both reports and portal. Make sure to register with SSO specifying https://hostname as the registered URL. -
How to configure for GPlus Adapter with SAP Phone and SAP CRM
Hi All Basis Adm,
Please consider as an urgent basis i need the information that how to configure GPlus Adapter with SAP Phone and SAP CRM . My server is CRM 5.0 (kernel 7) with Oracle Database. This information is require to connect Webclient to Sap Phone with GPlus Adapter (Genesys Adapter 7.1). If u have any document regarding mentioned above than that will be acceptable.
Regds,
GovindaHi Prasad,
In you case, it's a file to file scenario.
Go thro' this link for a solution:-
/people/venkat.donela/blog/2005/03/02/introduction-to-simplefile-xi-filescenario-and-complete-walk-through-for-starterspart1
/people/venkat.donela/blog/2005/03/03/introduction-to-simple-file-xi-filescenario-and-complete-walk-through-for-starterspart2
Regards.
Praveen -
Does Safari support Automatic Proxy Configuration with a .wpad file?
Hello,
I was wondering if anyone knows whether Safari supports Automatic Proxy Configuration with a .wpad file?
MorganHI Morgan ..
Safari is extremely finicky about proxies and according to Wikipedia it dates back to older browser versions.
http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol -
Apache reverse proxy and SSL termination
Hi Guru's
Can anyone tell me, how to do SSL termination at apache reverse proxy. I am using apache reverse proxy for accesing portal from internet. Apache is configured for SSL and portal is NON SSL.
I am using header variable login module in portal. i wanted to terminate SSL at apache reverse proxy and then all traffic after that should be clear text.
should i maitain any property. is there any documentation for it.
Please help me
TomThe majority of the work here is around configuring your Web Dispatcher and Apache Reverse proxy. The work on the portal is straight forward enabling of SSL.
You can follow http://help.sap.com/saphelp_nw2004s/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm for setting this up.
what level I need to configure SSL and how do I proceed in both scenarios?
Your question itself says where you need SSL. SSL is required where ever you need HTTPS communication.
how do I proceed in both scenarios?
From a portal perspective, the configuration should remain the same.
Do I have to install SSL at portal, web dispatcher or at Apache level?
SSL needs to be configured at all the 3 levels if you are looking at end to end SSL implementation.
See the following for possible SSL implementation options:
http://help.sap.com/saphelp_nw04/helpdata/en/d8/a922d7f45f11d5996e00508b5d5211/frameset.htm
https://cw.sdn.sap.com/cw/docs/DOC-115509
Will SSL termination work for scenario 2?
Yes this should work - see http://help.sap.com/saphelp_nw2004s/helpdata/en/36/fd39eacf4cde4a8fe32d7f29b3db16/frameset.htm
However in case of SSL Termination, the request to your portal from the web dispatcher will be sent as HTTP.
I would recommend you to take a step by step (backward approach).
First, enable SSL on your portal and make sure it works - going directly to the server.
Then, you can introduce the Web Dispatcher - and test if every thing works going through the web dispatcher.
Finally - you can test the end to end flow - with your Reverse proxy involved.
- Shanti
Maybe you are looking for
-
MBP bricked after servicing - Keyboard disconnected
Sorry ahead of time for the long story, but I appreciate any help and suggestions on what I could do about this. A few months ago (back in march) I had spilled a little bit of liquid on my 15inch mbp. The small spill area was on the bottom right hand
-
LAN design - how to implement a core switch?
Hi all, First post here so please be gentle :-) I'm looking for a bit of advice with a LAN setup I've been tasked with. The basic requirements are to have a demonstration suite of servers/storage devices networked with internet access with certain de
-
I am getting the Error as "Returned Content XMl is Empty" in SAP Jco Config
Hi, I am facing the problem in SAP Jco Config in SAP_JCo_Interface Action, while searching the BAPI (I am Using search Pattern as BAPI*) I am getting the error like following "Returned Content XMl is Empty". this URL refer the same problem ... Re: Re
-
Hello , I have this scenario where I need to raise LC for import PO . Need to track the LC and its maturity date . How to do this. Please guide . Regards Nandini
-
MetaData Cleanup - Remove Domain Implications
Morning All, I am working on a customers environment and after an AD health check, it is obvious they have Tombstoning domain controllers from a sub domain that shut down back in Jan (well over the 60 days). This is a single forest 'forest.local', wi