Configure 360Eyes with SSL
Symptom
If you or a customer have activated SSL for the SAP BusinessObjects restful API web server, then you will need to configure the Wiiisdom's 360Suite applications in order to make them trust the used certificate.
Procedure
All performed actions are classic security configuration that should be mastered by the security team of the customer.
We just provide information about a classic configuration that does not take account about any specific customer configuration.
All Wiiisdom 360Suite applications are using the Java JVM.
As those applications communicate with SAP BusinessObjects through the Restful API running on a SSL activated web server, the appropriate certificate must be trusted by the used JVM.
To do so we need to import the certificate in cacert file with a command like:
If you already have a valid cacerts file you can skip this step : 360Web Platform or 360eyes
Import the certificate to the client's cacerts by using the keytool utility.
In a command prompt, navigate to the directory <JAVA_HOME>\jre\lib\security\ and use the following command:
keytool -import -alias <local certificate name> -file <certificate file> -keystore cacerts
For example:
keytool -import -alias my_ssl_cert -file ssl-credentials-cert1.crt -keystore cacerts
Once you have imported the certificate, copy the updated cacerts file.
Running from the CMC
By default, 360eyes is using the Java provided by BOBJ.
<BOBJ_INSTALL> /SAP BusinessObjects Enterprise XI 4.0/win64_x64/sapjvm/jre/lib/security
If it is not the JAVA used by default, it is the same procedure but in <JAVA_PATH>\jre\lib\security\cacerts
If you previously set up -Djavax.net.ssl parameters in the JVM Arguments of your 360eyes jobs, you can remove them as they are no longer needed !
Running from the GUI/CLI
Check the 360eyes_GUI.bat or 360eyes script in 360eyes/tools to see which JAVA is used :
java -cp "%SDK_LIB_FOLDER%/*;../libs/*" com.gbs.eyes.LauncherGui
java -cp "%SDK_LIB_FOLDER%/*;../libs/*" com.gbs.eyes.Launcher <job> <cms> <BO_user> <BO_user_passwd> <auth> <360Eyes_dir>
If it is just written java, it is the one defined in JAVA_HOME
Go to that folder and replace the cacerts file there <JAVA_PATH>\jre\lib\security\cacerts
If the GUI was running, you'll need to restart it to apply the changes
If you previously set up -Djavax.net.ssl parameters in the GUI360eyes jobs, you can remove them as they are no longer needed !
Additional Information
The default password for the sapjvm cacerts file is 'changeit' if you didn't modify it.
To verify if the cacerts in the SAPJVM is valid, you can :
run this command line:
"<BOBJ_INSTALL>\SAP BusinessObjects Enterprise XI 4.0\win64_x64\sapjvm\jre\bin\keytool" -list -keystore "<BOBJ_INSTALL>\SAP BusinessObjects Enterprise XI 4.0\win64_x64\sapjvm\jre\lib\security\cacerts" > result.txt
Open the file result.txt
Search if the RESTful Web Service URL is present.
Related Articles
How does 360Eyes work with a CORBA SSL Enabled CMS?
Symptom This article will explain you how does 360Eyes work with a CORBA SSL Enabled CMS. Environment 360Eyes Microsoft SQL Server SAP BusinessObjects Enterprise XI 3.1 SAP BusinessObjects Business Intelligence 4.0 SAP BusinessObjects Business ...Configure 360Eyes to run on SAP Business Objects 4.3SP2
Symptom You run 360Eyes using the 360Eyes GUI or Command-Line against an SAP Business Objects Environment 4.3SP2. or java -Xmx1024m -cp "../libs/;*%SDK_LIB_FOLDER%/*" com.gbs.eyes.Launcher <job> <cms> <BO_user> <BO_user_passwd> <auth> <360Eyes_dir> ...How to configure SQL Server with Windows Authentication
Symptom When trying to configure a SQL Server database using Windows Authentication as part of the 360eyes database configuration, the following error is returned: "The driver is not configured for integrated authentication". Environment 360Eyes ...How to set up 360eyes to run with Windows Task Scheduler
Symptom How to set up 360eyes to run with Windows Task Scheduler ? Environment 360Eyes SAP BusinessObjects Enterprise XI 3.1 SAP BusinessObjects Business Intelligence 4.0 SAP BusinessObjects Business Intelligence 4.1 SAP BusinessObjects Business ...Recommendation for using Oracle User name in 360Eyes
Symptom Using 360Eyes as Oracle user name for the user/schema. Environment 360Eyes SAP BusinessObjects Enterprise XI 3.1 SAP BusinessObjects Business Intelligence 4.0 SAP BusinessObjects Business Intelligence 4.1 SAP BusinessObjects Business ...