To configure a reencrypted Virtual Service for SAP Enterprise Portal, follow the steps below:

  1. In the main menu of the LoadMaster WUI, go to Virtual Services > Add New.

  2. Enter a Virtual Address.
  3. Enter 50001 in the Port text box.
    Note: The port may differ depending on the SAP Portal environment. To ensure you use the correct port, consult your SAP administrator.
  4. Enter a recognisable Service Name, for example SAP Enterprise Portal Reencrypt.
  5. Ensure that tcp is set as the Protocol.
  6. Click Add This Virtual Service.
  7. Configure the settings as shown in the following table:
    Note: * Information about managing LoadMaster certificates can be found in the SSL Accelerated Services, Feature Description.

    Section

    Option

    Value

    		 Comment
    Basic Properties Service Type HTTP/HTTPS
    SSL Properties SSL Acceleration Enabled
    Reencrypt Enabled
    Certificates Select the certificate previously imported. Click the > button to assign the certificate. *
    Require SNI hostname Disabled
    Supported Protocols TLS1.1, TLS1.2, and TLS1.3 enabled
    Client Certificates No Client Certificates required

    Standard Options

    		Persistence Mode Active Cookie
    Persistence Timeout 8 Hours

    		Cookie name Enter a unique cookie name. Click Set Cookie.

    		Idle Connection Timeout 1800 Click Set Idle Timeout.

    Real Servers

    		Real Server Check Method HTTPS Protocol
    Use HTTP/1.1 Enabled
    HTTP Method HEAD
  8. Add the Real Servers:
    1. Click the Add New button.
    2. Enter the Real Server Address.
    3. Enter the correct Port.
      Note: Please use the IP Address and Port of the backend server.
      Note: The Forwarding method and the Weight values are set, by default, to those shown in the above image. If required these settings may be altered.
    4. Click Add this Real Server.
    5. Repeat steps b) to d) above to add any additional Real Servers as needed, based on environment.

  9. Set the Reencryption Client Certificate to be used in the Virtual Service:
    Note: Reencyption Client Certificate is the client certificate the LoadMaster presents when connecting to an HTTPS Real Server. This is only needed if the Real Server requires it.
    1. In the main menu of the LoadMaster WUI, go to Certificates & Security > SSL Certificates.
    2. Click the Reencryption Usage button for the client certificate installed earlier.
    3. Select the IP Address for the CRM Virtual Service and click the > button to move the IP address to the Assigned VSs box.
    4. Click Save Changes.