Security profiles define the security characteristics of a
client/server session. Assign a security profile to a listener, which is configured as a
port that accepts client connection requests of various protocols.
SAP Mobile Server
uses multiple listeners. Clients that support the same characteristics can communicate to
SAP Mobile Server
via the same port defined in the listener.
Note: A security profile can be used by one or more servers in a
cluster, but cannot used by multiple
clusters.
- In
the left navigation pane, select Configuration
- In the right administration pane, select the
General tab.
- From the menu bar, select SSL
Configuration.
- In the Configure security profile
table:
- Enter a name for the security profile.
- Enter a certificate alias. This is the
alias
of a key entry
in
the
keystore.
Make sure the key password of this key entry is the same as the keystore
password.
- Select an authentication level:
If the security profile authenticates only the server,
then only the server must provide a certificate to be accepted or
rejected by the client. If the security profile authenticates both the
client and the server, then the client is also required to authenticate
using a certificate; both the client and server will provide a digital
certificate to be accepted or rejected by the other.
Authentication
Type |
Authenticates |
Cipher
suite(s) |
intl |
server |
- SA_EXPORT_WITH_RC4_40_MD5
- RSA_EXPORT_WITH_DES40_CBC_SHA
|
intl_mutual |
client/server |
- RSA_EXPORT_WITH_RC4_40_MD5
-
RSA_EXPORT_WITH_DES40_CBC_SHA
|
strong |
server |
- RSA_WITH_3DES_EDE_CBC_SHA
- RSA_WITH_RC4_128_MD5
- RSA_WITH_RC4_128_SHA
|
strong_mutual |
client/server For example, this is the required
option for mutual authentication of SAP Mobile Platform and
Gateway.
|
- RSA_WITH_3DES_EDE_CBC_SHA
- RSA_WITH_RC4_128_MD5
- RSA_WITH_RC4_128_SHA
|
domestic |
server |
- RSA_WITH_3DES_EDE_CBC_SHA
- RSA_WITH_RC4_128_MD5
- RSA_WITH_RC4_128_SHA
- RSA_WITH_DES_CBC_SHA
- RSA_EXPORT_WITH_RC4_40_MD5
- RSA_EXPORT_WITH_DES40_CBC_SHA
- TLS_RSA_WITH_NULL_MD5
- TLS_RSA_WITH_NULL_SHA
|
domestic_mutual |
client/server |
- RSA_WITH_3DES_EDE_CBC_SHA
- RSA_WITH_RC4_128_MD5
- RSA_WITH_RC4_128_SHA
- RSA_WITH_DES_CBC_SHA
- RSA_EXPORT_WITH_RC4_40_MD5
- RSA_EXPORT_WITH_DES40_CBC_SHA
- RSA_WITH_NULL_MD5
- RSA_WITH_NULL_SHA
|
- Click Save.
- From the
Components
menu, assign the security profile to the desired management or communication
ports.