Preparing the SAP NetWeaver Developer Studio for SSL

Use

In a similar way to a Web browser, the SAP NetWeaver Developer Studio (an integrated development environment, or IDE) uses the standard protocol HTTP and basic authentication to exchange data with the services of the development infrastructure. This protocol is not encrypted, which means that data and passwords are susceptible to access by unauthorized persons. The communication between the SAP NetWeaver Developer Studio (the IDE) and the development infrastructure represents a weak point if it is running through non-secure channels (such as the Internet).

To secure communications, activate the Secure Socket Layer (SSL) protocol in the IDE. This protocol provides powerful encryption of data traffic and reliable authentication of the communication partners.

Prerequisites

To be able to use SSL in the IDE, you must first configure the servers of the development infrastructure for SSL. In particular, all servers require a valid certificate. These certificates must be accessible to all users who want to log on to the infrastructure using SSL. The IDE currently supports the following exchange formats for certificates:

·        PKCS 7: This is the standard format for exchanging server certificates. This format is supported by most Internet browsers and Public Key environments. Files in PKCS 7 format usually have the file extension .p7b.

·        PKCS 12: This format is usually used to store client certificates and private keys. Files in PKCS 12 format usually have the file extension .p12 or .pfx.

·        Java Keystores. The Java runtime environment defines a separate format for storing certificates, and provides you with tools for managing key stores (key tools). Java runtime environments also provide you with a default key store (cacerts). You can import your own certificates into this key store. For more information, see the documentation on your Java environment.

Procedure

Due to export restrictions and legal requirements in some countries, the SAP NetWeaver development environment is shipped without the cryptographic algorithms required for SSL. You must install these algorithms before you activate SSL in the IDE.

...

       1.      Download the cryptographic library to your local PC from SAP Service Marketplace (go to service.sap.com/download and choose Download ® SAP Cryptographic Software) or ask your system administrator to provide you with this library. Make sure that you download the library that matches your Java version (1.3 or 1.4). Save the library in a temporary directory.

       2.      If you use J2SE from Version 1.4, you must prepare the Java runtime environment for using strong cryptography by installing special Security Policies (Java Cryptography Extensions) from java.sun.com/jce. For more information, see the documentation on your Java environment.

       3.      Start your IDE and choose File ® Import ® Java Cryptography Toolkit. Choose Next. Enter the path to the downloaded cryptography library or navigate to this location in your file system by choosing Browse…

       4.      Start the IDE again.

       5.      Choose Window ® Preferences ®Java Development Infrastructure. Under Certificates, specify the path to a file with certificates in PKCS7 or PKCS12 format, or the path to a Java key store. To confirm your entries, choose OK.

You have now prepared your development environment for communication with SSL.