To configure a reencrypted Virtual Service for SAP CRM, follow the steps below:

  1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

  2. Enter a Virtual Address.
  3. Enter 44300 in the Port field.
    Note: The port may differ depending on SAP environment. To ensure you use the correct port, consult your SAP administrator.
  4. Enter a recognisable Service Name, for example SAP CRM Re-encrypted.
  5. Ensure that tcp is selected as the Protocol.
  6. Click Add This Virtual Service.
  7. Configure the settings as shown in the following table:
    Note: * Information about managing LoadMaster certificates can be found in the SSL Accelerated Services, Feature Description.

    Section

    Option

    Value

    		 Comment
    Basic Properties Service Type HTTP/HTTPS
    SSL Properties SSL Acceleration Enabled
    Reencrypt Enabled
    Certificates Select the certificate previously imported. Click the > button to assign the certificate. *
    Require SNI hostname Disabled
    Supported Protocols TLS1.1, TLS1.2, and TLS1.3 enabled
    Client Certificates No Client Certificates required

    Standard Options

    		Persistence Mode Active Cooke
    Persistence Timeout 8 Hours

    		Cookie name Enter a unique cookie name. Click Set Cookie.

    		Idle Connection Timeout 1800 Click Set Idle Timeout.

    Real Servers

    		Real Server Check Method HTTPS Protocol
    Use HTTP/1.1 Enabled
    HTTP Method HEAD
  8. Add the Real Servers:
    1. Click the Add New button.
    2. Enter the Real Server Address.
    3. Enter the correct Port.
      Note: Please use the IP Address and Port of the backend server.
      Note: The Forwarding method and the Weight values are set, by default, to those shown in the above Add New Real Server screen. If required these settings may be altered.
    4. Click Add this Real Server. Click OK to close the pop-up message.
    5. Repeat the steps to add any additional Real Servers as needed.

  9. Set the Reencryption Client Certificate to be used in the Virtual Service:
    Note: Reencyption client certificate is the client certificate the LoadMaster presents when connecting to an HTTPS Real Server. This is only needed if the Real Server requires it.
    1. In the main menu of the LoadMaster WUI, go to Certificates & Security > SSL Certificates.
    2. Click the Reencryption Usage button for the client certificate installed earlier.
    3. Select the IP Address for the CRM Virtual Service and click the > button to move the IP address to the Assigned VSs box.
    4. Click Save Changes.