Skip to Content
0

SAP BO SIA SSL configuration

Feb 26 at 12:55 PM

38

avatar image
Former Member

Dear SCN-Community,

currently I´m in trouble with ssl configuration for BI platform. I have successful added my 3rd party signed certificates to the tomcat. So actually all HTTP requests are secured.

Second part is to secure the SIA. Each guide/how-to (for e.g. Configure SIA to Use SSL Certificates in BI 4.2 SP4) use the files which you can see below.

I think these are self generated files. Is there a way to use my 3rd party signed certificates or should we use the self generated version?

Kind regards

André

pic-ssl1-1.png (4.4 kB)
51be472f.png (126 B)
51be472f.png (12.9 kB)
10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Denis Konovalov
Feb 26 at 01:08 PM
1

1. Corba SSL is used to secure communication between BI Platform nodes and between them and webapp server - meaning no external user or any user visibility into it - that means self signed certificate is perfectly acceptable here. You only need authority signed certificate for HTTPS/SSL on your web servers/web app servers.
2. mentioning which version you use might help as well - new Admin guides have the steps on how to use certificate authority certificates in them.

Show 8 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hello Denis,

thanks for fast reply. As I understand it right I don´t need SIA SSL configuration if I use a single instance deployment where everything runs on one machine?

I´m using 4.2 SP05.

Kind regards

André

0

On a single machine scenario I do not see the need to have corba ssl enabled, but that's me - I do not see why it is needed at all - since if an attacker is able to intercept communications on the internal network - intercepting BOE communications is the least of the problems that poses.
But certain businesses require all communications encrypted, so that's why this option is there.

1
Former Member
Denis Konovalov

Ok thanks! So if the SIA SSL only secures the communication between the instances I don´t see any reason too!

0

just to clarify - between all the servers/services BOE is running. Even on a single machine - those services talk to each other. Corba SSL encrypts all that communication.

0
Former Member
Denis Konovalov

Ok. So if I:

- enable SSL in SIA

- attache the certificates in SIA

- configure the Tomcat <-> SIA SSL communication (java options)

- configure HTTPS for WACS

the back-end communication should use SSL?

Does this affect Design Studio / Analysis for Office Client connection via "dswsbobje"?

Kind regards

André

0

Yes, if you're doing corba ssl, you should also encrypt communications to reporting DB.
And Yes - all clients connecting via dswsbobje will be affected as well. All clients will need to be enabled to use corba ssl as well.

0
Show more comments