By default all other
SAP Mobile Platform listeners are encrypted using SSL. However, if
you need to modify this configuration, review these steps.
Changing Installed Certificates Used for Encryption
SAP Mobile Server includes default certificates for all listeners. Since all installations use the same certificates by default, you must change these certificates with production-ready ones after you install SAP Mobile Platform.
Managing Certificates for SSL Encryption
Manage keystore certificates to be used for SSL encryption of SAP Mobile Server communication ports. All security profiles use the same keystore.
Creating an SSL Security Profile in SAP Control Center
Security profiles define the security characteristics of a client/server session. Assign a security profile to a listener, which is configured as a port that accepts client connection requests of various protocols. SAP Mobile Server uses multiple listeners. Clients that support the same characteristics can communicate to SAP Mobile Server via the same port defined in the listener.
Enabling OCSP
(Optional) Enable OCSP (Online Certificate Status Protocol) to determine the status of a certificate used to authenticate a subject: current, expired, or unknown. OCSP configuration is enabled as part of cluster level SSL configuration. OCSP checking must be enabled if you are using the CertificateAuthenticationLoginModule and have set Enable revocation checking to true.