Strict Hostname Checking

The default setting in SAP doesn't make a strict hostname check when executing an SSL handshake. Depending on your security audit requirements you may have to change this behaviour.

You can set messaging.ssl.serverNameCheck to true in SAP XI AF Messaging service to ensure that SSL handshake succeeds only in the hostname of the server matches the CN of the public certificate.

Comments

Popular posts from this blog

OS/DB Migration - CMD. STR, TOC, EXT, R3load, DDLDBS.TPL and more

Fixing Inconsistent Table - Table activation fails due to inconsistency between DD and DB

301 Redirect Using SAP Web Dispatcher