Enabling HTTPS for NLINK ADC to SAP Solution

Owned by Darcy Curtin
Last updated: Jan 16, 2023 by Rakesh
4 min read

Overview

The NLINK ADC to SAP Solution’s ASP.NET component runs on Microsoft IIS Server. The communication between this component and mobile devices can be setup to use either HTTP or HTTPS.

By default IIS Server operates in HTTP mode, no other extra steps are involved in this.

For HTTPS, IIS Server has to be setup to use Secure Socket Library (SSL). Following are the steps for SSL:

  • Get a certificate from a known Certificate Authority” (CA) such as Verisign, GoDaddy.
  • Install certificate on IIS Server
  • Configure IIS Server to use HTTPS

A certificate authority provides the details of installing the certificate on IIS Server. Depending on the version of IIS Server these details will vary. You will receive such instructions from the certificate authority when you purchase their certificate.

The remainder of this documentation shows the steps involved in setting up “Self-Signed Certificate” for IIS

Note: Junot Systems does not purchase or provide these Certificates. If you wish to use HTTPS you must purchase and install these certificates yourself. This page explains the process that must be followed.

Self Signed Certificates

Follow these steps to enable HTTPS on the NLINK ADC to SAP Solution using Self-Signed Certificates for IIS.  A “Self-Signed Certificate” allows IIS to function in SSL mode with a locally generated certificate. When using such a “Self-Signed Certificate”, client browser will get a message indicating web site’s security certificate may not be valid. Depending on the browser, the exact message may vary, usually it is one of the following:

  • “The security certificate presented by this website was not issued by a trusted certificate authority” or
  • “The certificate is not trusted because it is self-signed” or
  • “This Connection is Untrusted”.

If users can be trained to ignore such a message then “Self-Signed Certificate” can be used.

  

Step by Step instructions

  1. Install and setup the NLINK ADC to SAP Solution to work using HTTP.
  2. Generate Self-Signed Certificate
  3. Configure IIS to use generated certificate
  4. Re-test the NLINK ADC to SAP Solution using HTTPS
  

Step 1: Installing the NLINK ADC to SAP Solution          

Complete the NLINK ADC to SAP Solution installation on Windows Server 2016 or on /wiki/spaces/JWHADC/pages/491646.

  

Step 2: Generate Self-Signed Certificate

Note: The following notes are based on IIS 8, if using later version of IIS, the steps may be different.

  1. Select root machine node, and select “Server Certificates” in “Features View"
  2. Select “Create Self Signed Certificate”
  3. Enter a name and IIS will create a certificate

Step 3. Configure IIS to use generated certificate 

  1. Go to the web site under which the NLINK ADC to SAP Solution Application is installed, which in this example is “Default Web Site” and select “Binding”
  2. In the popup window click on the “Add” button
  3. Select “https” for “Type”, and from the drop-down for “SSL Certificate” select the Self-Signed Certificate previously created in step 3, and press “OK”
  4. Select the NLINK ADC to SAP Solution application (in this example “adc”) and click on “SSL Settings”
  5. Check the check-box next to “Require SSL” and optionally select “Require 128-bit SSL”  and press “Apply”
    (Note: IIS 8 GUI does not have option for “Require 128-bit SSL”. In IIS 8 128 bit SSL option can be setup using IIS Manager. In IIS Manager, select server node, double click Configuration Editor, switch to section system.webServer/security/access, then, in the dropdown list select ssl128 and click Apply to save changes).

  6. All done. Now the NLINK ADC to SAP Solution is setup to operate in HTTPS mode

Step 4. Re-test the NLINK ADC to SAP Solution using HTTPS 

  1. Testing application for making sure HTTP is not allowed:
    Go to browser and type in base URL for NLINK ADC to SAP Solution “http://[Fully Qualified Domain Name (FDQN)]/adc5”. If the setup for HTTPS is correct, you should see following error message
  2. Testing application for making sure HTTPS is allowed:
    Go to browser and type in base URL for NLINK ADC to SAP Solution “https://[Fully Qualified Domain Name (FDQN)]/adc5”. If the setup for HTTPS is correct, you should see the NLINK ADC to SAP Solution log-on screen.

Self signed certificate should only be used for testing purposes and it is not meant for production.

If Fully Qualified Domain Name (FDQN) is not used in certificate or request URL, a warning about insecure or invalid certificate may be displayed. The actual message depends on version of browser. For self signed certificate, ignore the warning and select option to “continue to this website”.

 

If the setup is correct, the NLINK ADC to SAP Solution log-on page will be displayed.