Hi Pramod,

1. Once the login is successful, not to use SSL
Is that a possibility?

It might be possible, but (a) you switch from SSL to non-SSL within one site, which always might cause client-side trouble (dependent on the browser the user uses); (b) it's a very very special setup which involves some kind of workaround; for example: The login page itself must be accessible (only) via SSL, the JS/CSS/Images/etc must be accessible via SSL, the rest not; one might use an apache before to setup something like this or configure in within ICM; (c) why? As long as you don't close each connection immediately but use keep-alive (see among thousands for example this: HTTPS and Keep-Alive Connections | IEInternals), speed should not be an issue. Just to round this up, there are additional methods to fasten up (non-initial) SSL connections even outside of keep-alive, see Speeding up SSL: enabling session reuse | Vincent Bernat for example (no idea if this is supported on SAP server side).

once done it gives me message saying "Only Secure content is displayed".
And when clicked on Show all Content it opens the ESS but not able to access the application.

The first thing sounds like the above mentioned general issue if one site switches from SSL to non-SSL or mixes up SSL with non-SSL content. About the second issue, I have no crystal ball to see what happens 😉

For doing a SSO between Portal and ECC system which certificate to exchange.
ECC is not using SSL, it still uses HTTP, and Portal uses HTTPS.

For the SSO always the SAPSSO2 cookie is used; if ECC is not using SSL, then the only restriction is to NOT set the SSL-ONLY flag for the cookie (but that's the default setting - not to restrict the cookie to SSL - so there would be nothing special for you to do).

Anyhow, altogether, I'd stick with "why"... You get more trouble than anything else...

Hope it helps

Best regards

Detlev

Thank You and Former Member

I agree to your points, I would like to have it secured and encrypted.

But the issue I am facing right now is, I am creating a POC in our Sandbox and we don't want to go to Signing Authority to have the certificates Signed.

So this is what I did:

1. Go to https://hostname:50001/nwa - Configuration and Certificates and Key - Selected the Key and Created the SSL Credential File

2. Exported the Private Key

3. Used Comodo to Sign the Certificate.

4. Import the CSR Response into the SSL-Credential Private Key (Getting error: No Certificate matches the given private key).

Can you please help me in fixing the issues.

If I am doing any of the steps wrong, please guide me to a document to enable SSL on Portal.

Thanks,

Pramod

> document to enable SSL on Portal

Here:

Configuringthe Use of SSL on the AS Java - Network and Transport Layer Security - SAP Library

Your issue is maybe in step 2; you need to create a signing request; see sub chapter "Configuring the SSL Key Pair and Trusted X.509 Certificates"

Hope it helps

Detlev

Hi Pramod,

Were you able to implement this requirement.

We have the exact issue, logon password which is being transferred with LDAP is not encrypted. Looking at the options we have to get this addressed.

regards

Naveen