cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSL setup with a load balancer

Go to solution
Former Member

on ‎12-15-2008 7:59 PM

0 Kudos

We are running EP 7.0 SP14 and have set it up to run through a Cisco ACE loadbalancer. We have also setup SSL with the certificate on the ACE load balancer. Everythign work fine, except we keep getting a Security Alert popup message in IE that states "You are about to be redirected to a connection that is not secure."

Are there some additional configurations that I need to do in EP to make this go away?

Maximum points to the first correct answer.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

ravi_joseph
Active Contributor
‎12-16-2008 11:06 AM
0 Kudos

maintain the portal HTTPS URL (https://fqdn:50x01/irj) in your loadblancer url settings,

to avoid this alert you need to maintain https access to all your backend system connections, as slava suggested do a trace with the http watch and identify the where the switch happens from https to http .

jo

Show replies
Show replies
Former Member
‎12-16-2008 3:51 PM
0 Kudos

There are 2 areas that we consistantly see this message, one logout and when running a VC application. Using IEWatch, the URL of the logout does change to http. However, I can not see the URL change to http for the VC app. My guess is that the non-SSL call is occurring within the VC application, and therefore not recorded by IEWatch.

How do I change the URL call of the logout to https?

Does anyone know what to check for within the VC code?

Former Member
‎12-16-2008 4:39 PM
0 Kudos

You can change logoff URL to any value:

http://help.sap.com/saphelp_nw04s/helpdata/en/44/aada5230be5e77e10000000a155369/frameset.htm

Regarding VC apps.

It is strange you cannot see HTTP in the IEWatch. IE should not be able to alert about something it does not see. I suggest you to use something more substantial to trace network calls: http://www.wireshark.org

This is the best tool I know for network tracing.

Regards,

Slava

Former Member
‎12-16-2008 9:39 PM
0 Kudos

We switched the logoff URL to [https://<portal>/] and when the user logs off, it does forward them to this URL, but then the server redirects the browser to [http://<portal>/irj/portal]. The server does not know that it is secured. Plus, the logon screen is still posting to the unsecured URL.

Is there a setting in Portal or in WAS that we need to set specifying that the application is secured?

Former Member
‎12-16-2008 10:02 PM
0 Kudos

Try to use logoff URL https://<portal>/irj/portal instead of https://<portal>/

Former Member
‎01-23-2009 10:49 PM
0 Kudos

We needed to configure the Proxy Mapping setting in VA.

[http://help.sap.com/saphelp_nw70/helpdata/EN/b8/437d46d4451e4c9ab756e272a1581d/frameset.htm]

Answers (1)

Answers (1)

Former Member
‎12-15-2008 8:53 PM
0 Kudos

In your EP you may have iViews that rely on system aliases, which have connections defined as HTTP, not as HTTPS.

When IE access EP via HTTPS URL, ivews depending on the HTTP aliases produce HTTP based URLs for the ivew frames and IE alerts you that you have HTTPS+HTTP mix on your page.

I recommend to do a simple HTTP trace via HTTPwatch or fiddler on the IE (client) side.

You will be able to see what calls are made as HTTP from IE and it will give you an idea where to look for HTTP protocol settings in EP.

Regards,

Slava

Show replies
Show replies
Ask a Question