Solved: How to allow the XSA self signed cert to be signed...

former_member183326 · ‎05-24-2017

Hello All,

I have installed the HANA cockpit 2.0 using XSA. When launching the cockpit via the webbrowser, I get an untrusted/unsecure error, because of the fact that the XSA is using an self signed certificate (default.root.crt.pem). The certificate is located in directory /hana/shared/<SID>/xs/controller_data/controller/ssl-pub/router, but I don't see an option to generate an csr file, so the certificate can be signed by our CA.

How can we achieve this?

Versions:

SAP HANA Cockpit2.2.4 (2017-03-31 07:47:17)

SAP HANA Database Explorer2.1.3 (2017-03-13 21:22:02)

SAPUI51.38.17 (20170124144

BR

Michael

architectSAP · ‎05-25-2017

Hello Michael,

SAP Note 2243019 - Providing SSL certificates for domains defined in SAP HANA extended application services, ... describes this, i.e. you do not need a certificate request but generate a respective RSA key instead.

However, my CA tool does not support the required format, so I had to convert it:

How to convert a certificate into the appropriate format

Best regards

Frank

andreas_kuhn · ‎04-16-2018

Hi,

i have created a new KBA with easy steps creating an SSL Certificate for HANA 2.0 Cockpit (XSA)

2631903 - HANA Basic How-To Series - Securing HANA 2.0 Cockpit via SSL / HTTPS (Microsoft CA edition...

BR

Andreas

former_member508223 · ‎01-19-2018

Hi Michael,

We are getting the same error. How did you get the certificate key file.

Regards,

Arun

former_member183326 · ‎05-25-2017

Thanks Frank, much appreciated.

How to allow the XSA self signed cert to be signed by local CA?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (3)

Answers (3)

Re: Redirecting to Build Apps when trying to open ...

Re: Signavio process insights starter pack 1 time ...

SAP API Hub EDMX - Integration suite

Destination error Couldn't check at the moment, pl...

Re: Update task in RAP model API