cancel
Showing results for 
Search instead for 
Did you mean: 

Webdispatcher - Force HTTPS

Former Member
0 Kudos

Hi experts,

i have followed the documentation regarding the SAP Webdispatcher, and have set up the redirecting of URLs for enabling HTTPS, but am running into some issues.

I have a Webdispatcher, version 720, that handles requests from two websites:

www.shop1.com (ISA shop)

www.shop2.com (WCEM Shop)

For www.shop2.com I have loaded an SSL certificate and going to https://www.shop2.com is working, and will produce an SSL secured connection to the shop. However, as soon as I click a link in that shop, it will link to a standard HTTP page.

So, I thought I could fix this by using a redirect on the Webdispatcher. I added the following rule:

icm/HTTP/redirect_0 = PREFIX=/, FROM=*, FOR=www.shop2*, FROMPROT=http, PROT=https

In my understanding, this should take all https traffic for www.shop2.com and redirect it to https. However, when testing it by typing http://www.shop2.com I do not get redirected to https://www.shop2.com.

I also use a modification handler that will add the correct querystring so that my WCEM application understands it, but I don't think that has any impact right?

if "%{HTTP_HOST}" regimatch "www.shop2*"

RegRewriteUrl "^/$" "/main/catalog/home.jsf?wec-appid=SHOP_Template" [code=temp,qsappend]

Am I missing something, or is there a flaw in my logic?

Any help would be greatly appreciated!

Thanks,

Yordy

Accepted Solutions (1)

Accepted Solutions (1)

0 Kudos

Perhaps you can try in this way:

icm/HTTP/redirect_0 = PREFIX=/, FROM=/*, FOR=shop2.com*, FROMPROT=HTTP, PROT=HTTPS, HOST=www.shop2.com, PORT=443

Former Member
0 Kudos

Hi Americo,

Thank you, I will give that a try!

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi all,

Thank you for your help.

I finally fixed the issue by using the following redirect handler:

icm/HTTP/redirect_0 = PREFIX=/, FROM=/main/*, FROMPROT=http, PROT=https, HOST=www.shop2.com

Cheers,

Yordy

Former Member
0 Kudos

Just two workarounds in the mean time:

- you can disable the HTTP port completely by removing the corresponding icm/server_port_X entry from the profile.

- you can force single web services to use SSL in transaction SICF, but this only makes sense if you have a small number of webservices.

Cheers Michael

Former Member
0 Kudos

Hi Michael,

Thanks, but unfortunately the other site (www.shop1.com) can NOT handle HTTPS traffic, so I need to keep the HTTP port alive.

And indeed, there is an option to force HTTPS on the WCEM server, but this does not work in combination with a webdispatcher... Go figure...

Thanks,

Yordy

Former Member
0 Kudos

How have you setup WD? Is it terminating SSL or is it end-to-end? My guess is that you have to enable SSL on the backend for the URL generation to work correctly. You might also have to configure HTTPURLLOC.

Former Member
0 Kudos

Hi Samuli,

Sorry, I forgot to mention that. I only want SSL between the end-user and the webdispatcher.

HTTPS between the webdispatcher and the WCEM server is not supported, so that connection is just plain HTTP... We had SAP look into that issue a while ago, and they acknowledged that WCEM cannot use HTTPS when using a webdispatcher.

I will look into the HTTPURLLOC, thanks!