New or changed security-related features.
X.509 Support
In 2.3 SP03, all client types
(replication, messaging, Hybrid Web Container, and OData native) can use
HTTPS with mutual certificate authentication to authenticate at the
network edge (relay server or third-party intermediary reverse proxy
server).
Administrators can now manage certificates from SAP Control Center: list, import,
export, and delete certificates for the keystore. You can also use
the imported certificate alias for security components (select an
alias instead of typing in certificate name, password, and so
forth). The
keytool utility is no
longer supported.
Note: There is no longer a separate
truststore. The JVM option property keystore and truststore
both direct to keystore.jks file.
Documented in:
- SAP Control Center
for SAP Mobile Platform > Managing
Certificates for SSL Encryption
- Security > X.509
Overview and Enabling
HTTPS with Mutual Certificate
Authentication
- Developer Guide:
SAP Mobile Server Runtime:
- Retrieve
Certificates from the Key Store
- Import
an X.509 Certificate to the Key Store
- Import a
PKCS #12 Certificate to the Key Store
- Export
an X.509 Certificate from the Key
Store
- Export a
PKCS #12 Certificate from the Key
Store
- Delete a
Certificate from the Key Store
- Developer Guide:
<Device Platform> Object API Applications > Sample
Code: Mutual Authentication
- Developer Guide:
Android Object API Applications > setTrustedCertificates
- Developer
Guide: Windows and Windows Mobile Object API Applications > Importing the Private Key into the System
Certificate Store
- Developer Guide: Hybrid Apps > Configure Connection Settings on the
Device and Install and Test
Certificates on Simulators and Devices