Creating Certificate Using OpenSSL and Importing it into SAP HANA Web Dispatcher

| Analytics , SAP HANA ,

HANA Web Dispatcher comes with a self-signed SSL certificate that makes the connection insecure. In this blog, we have outlined the step by step process to create an SSL certificate using OpenSSL and import it into SAP HANA web dispatcher

Setting-Up your own CA:

Step 1: Install OpenSSL

Step 2: Navigate to OpenSSL/bin folder and open command prompt and set the Variable path using the command below

set OPENSSL_CONF=C:\OpenSSL\bin\openssl.cfg   (Mention path according to your OpenSSL installed path)

set RANDFILE=.rnd  (Run this command as it is)


Step 3: Create a “.\demoCA” directory in OpenSSL/bin folder. Create another directory newcerts in “.\demoCA” directory


Step 4: Copy .\bin\pem\democa\serial  to .\demoCA

Step 5: Create an empty index.txt file via notepad .\demoCA\index.txt

Step 6: Change organizationName = optional in .\bin\openssl.cfg. Check the screen shot below for the updated config file


Step 7: Navigate to OpenSSL Bin folder and run the commands below:

To create your own secure 4096 bit private key –

openssl genrsa -des3 -out rootca.pem 4096

To Create your secure SHA-256 root CA certificate –

openssl req -new -x509 -sha256 -extensions v3_ca -key rootca.pem -out rootca.crt -days 365


Creating a Server Certificate:

Step 1: Create a CA request in HANA web dispatcher page. Copy and paste the request in notepad and save it as “sslreq.csr”. Copy the “sslreq.csr” to ../OpenSSL/bin folder


Step 2: Sign the certificate by using the command below

openssl ca -cert rootca.crt -keyfile rootca.pem -out sslreq.crt -infiles sslreq.csr


Step 3: crt and sslreq.crt files will be created in ../OpenSSL/bin folder. Open the sslreq.csr and rootca.csr in a text editor copy and paste the content in the web dispatcher to import CA response. Click on import.



Step 4: Import the rootca.crt file created in ../openssl/bin folder to the browser (Recommended browser – Firefox)


With these settings, the HANA Web Dispatcher connection is secure. Here on, whenever we login to SAP HANA, a window will appear asking for the user credentials.

Share with: