Environment:
Liquid UI Server Version: 3.5.520.0 and above.
Purpose of TLS in Liquid UI Server:
For most secure network connectivity between Liquid UI Server and Liquid UI Client.
TLS is an encryption protocol used in SSL and HTTPS.
The encryption happens after a complex handshake and decides on an encryption cypher and session key to use on both ends.
To TURN-ON TLS, on Liquid UI Server one Server Certificate, and one Private Key which are specified in sapproxy.ini.
Sample SAPPROXY.INI:
[control]
proxycount=1
[Proxy1]
ListenPort=3210 // (Liquid UI Client Instance/Port Number)
TargetServer=SAPDEV.CORPNET.NET // (SAP Server Host Name or IP Address)
TargetServerPort=3200 // (SAP Server Instance/Port Number)
GuiXT=10
servercert=R:\LiquidUI\sapproxy\servercert.pem // (System Path for Server Certificate location)
privatekey=R:\LiquidUI\sapproxy\privatekey.pem // (System Path for Private Key location)
Creating certificates using OPENSSL:
Certificate can be generated with the online openssl.exe tool, with the following commands:
>>openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privatekey.pem -out servercert.pem
Note: -days means the valid days for this certificate.
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:CA
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Liquid UI Server
Organizational Unit Name (eg, section) []:LUS
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
