Security for Additional Applications

The following applications are delivered with the TREX installation.

Additional Applications

Application

Comments

Microsoft Internet Information Server (IIS)

external

Apache Web Server

external

SAPinst

SAP internal

SAP Gateway

SAP internal

The Microsoft Internet Information Server (IIS) and the Apache Web server that communicates with the Java client in the J2EE Engine (TREX service) as the TREX Web server on Windows and UNIX have validated security concepts that are used for configuring TREX security.

During the SAPinst TREX installation, the required permissions are given for the Microsoft Internet Information Server (IIS) (see Data Storage Security ® Level of Protection). You can use the cryptography tool SAPGENPSE to configure secure communication between the TREX preprocessor and the portal Web server, and between the TREX Web server and the TREX name server. You can also use SAPGENPSE to restrict access to the keystores that you generated by assigning a particular user to each keystore. You obtain the cryptography tool SAPGENPSE as part of the SAP Cryptographic Library from the SAP Service Marketplace.

The cryptography tool OpenSSL is used for the secure configuration of the Apache Web Server. You generate the OpenSSL tool and the mod_SSL.so library, which you need for the security configuration of the Apache Web server, using a build process. For more information about configuring the TREX security functions, see Configuration of the TREX Security Settings.

Third-party products that are delivered with TREX are updated with the current updates and patches. However, TREX takes no responsibility for the security of applications and programs that are not provided by SAP. SAP is not responsible for guaranteeing or supporting this software. SAP disclaims any liability or responsibility as regards these tools. The conditions of the relevant third-party provider are valid.