‎2006 Nov 13 10:11 AM
Hi all,
I have configured SSL to the JAVA system. I got the digitally signed certificate from the MS Certification Authority. I imported the certificate and the root certificate to the key-storage and afterwards to a new entry in the service-ssl view.
I stopped and started the Key-storage and SSL provider services.
I am able to browse the portal via SSL but I get a Security alert which says "the certificate is issued by a company you have not chosen to trust". And there is a red mark in the certificate which says "certificate cannot be verified up to a trusted certification authority".
I have imported the root certificate also to the JAVA visual administrator, so why am I getting this security alert?
Also, I don't get this alert only if I download the root certificate to the browser's certification store.
Is there a way through which I can get rid of this message without downloading the root certificate to each and every client browser's certificate store?
‎2006 Nov 13 12:21 PM
The root certificate needs to be present (i.e. in the local keystore) at the SSL client (here: the web browser); the SSL client must not trust the SSL server (even if the SSL server would provide the root certificate in the https response during the SSL handshake).
Most web browsers are shipped with a bunch of root certificates (and intermediate certificates) to simplify the initial setup. If you operate your own CA then definitely the corresponding root certificate is not present in the web browser's keystore.
Cheers, Wolfgang
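The behaviour described in the answer above, reproduced with the openssl command line as an added example that is not part of the original thread. The CA name, host name and function names are constructed for the demo; the freshly generated root is in no system trust store, so the only difference between the two checks is whether the client itself holds the root.

```shell
#!/bin/sh
# Constructed demo PKI: a private root CA and a server certificate it signs.
make_demo_pki() {
    # $1 = working directory; writes root.pem and server.pem into it
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Demo Private Root CA" \
        -keyout "$1/root.key" -out "$1/root.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes \
        -subj "/CN=portal.example.test" \
        -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null
    openssl x509 -req -in "$1/server.csr" -days 30 \
        -CA "$1/root.pem" -CAkey "$1/root.key" -CAcreateserial \
        -out "$1/server.pem" 2>/dev/null
}

# Succeeds only if openssl reports the chain as verified.
verify_ok() {
    openssl verify "$@" 2>&1 | grep -q ': OK$'
}

# Client A: the root is only offered as untrusted chain material, which is
# all a server can do by sending it in the handshake.
verdict_root_sent_by_server() {
    if verify_ok -untrusted "$1/root.pem" "$1/server.pem"; then
        echo trusted
    else
        echo untrusted
    fi
}

# Client B: the root was imported into the client's own trust store.
verdict_root_in_client_store() {
    if verify_ok -CAfile "$1/root.pem" "$1/server.pem"; then
        echo trusted
    else
        echo untrusted
    fi
}

demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
echo "root sent by server only: $(verdict_root_sent_by_server "$demo_dir")"
echo "root in client store:     $(verdict_root_in_client_store "$demo_dir")"
```

Importing the root into the server's own keystore corresponds to client A: the server can present the full chain, but the client still has no local anchor for it.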
‎2006 Nov 13 10:39 AM
Hi,
One way to add your own MS Certification Authority (I'm assuming you have installed a local certificate server and that you are not using a certificate from a real trusted root CA) into the browsers is via policies in the network logon. But this of course requires that every client is part of your Windows domain.
Marcel
‎2006 Nov 13 11:03 AM
Hi Marcel,
Thanks a lot for the quick response.
Yes, that could be a way. Also, I have found scripts which when run will install the certificate on the clients.
I have imported the root certificate directly to the JAVA system, so why is it still throwing the security warning?
So does it mean there is no way by which we can eliminate this security warning by installing the root certificate in one central point or server?
Thanks
Priya
‎2006 Nov 13 11:43 AM
Hi Priya
As far as I know, not. The list of trusted root CAs is filled by the browser suppliers with CAs that they trust. Any other CAs you will have to import manually or via scripts.
Marcel