Thursday 22 June 2017

Configuring BI Platform to open Lumira discovery HANA document created using OLAP HANA HTTPs connection

Lumira 2.0 supports HANA live connectivity via INA over HTTP/HTTPS. Know more on how to get your user have the relevant rights and roles http://www.saphanacentral.com/2017/06/step-by-step-how-to-create-local-sap.html to get this connectivity working.

Lumira 2.0 Discovery can successfully leverage your HANA OLAP connections (managed connections in BI platform). This connectivity is over HTTP protocol and we recommend that you have it configured for secure communication i.e. HTTPS.

To make sure you have this working over SSL between BI platform and your HANA, you need to follow the steps given below:

Follow the below steps:

1. Launch the Hana HTTPs server in BOE machine

2. When you launch, you will get the certificate error click on the Install certificate then select local machine click next, and select the Trusted Root Certification Authorities option as shown in figure below

SAP HANA, BI Platform, SAP HANA Lumira

3. Then next click finish (close the IE and relaunch the URL , if you are still getting the certificate error means certificate is imported ) check your Https Hana certificate

4. Next open the URL in IE and click on the lock icon, click view certificate, click on the details, click on the copy to file, press next, select Base-64 encoded x.509, give the certificate name (e.g. trust.cer) export the certificate to your machine

5. Then create folder e.g. (C:\SSL) and copy the certificate from desktop to SSL folder

6. Then run the below command to import certificate

C:\>”<BIP installation directory>\win64_x64\sapjvm_8\jre\bin\keytool.exe” -importcert –        keystore “C:\< BIP installation directory >\win64_x64\sapjvm_8\jre\lib\security\cacerts” -alias       ALIASNAME -file ” C:\SSL\<certificatename e.g. trust.cer>”

Password – <provide password>

Note – certificate name is the name of the certificate saved in step 2. Use password “changeit” to install certificate.

7. Again, run same command after changing sapjvm_8 to sapjvm e.g. (C:\>”<BIP installation directory>\win64_x64\sapjvm_8\jre\bin\keytool.exe” -importcert – keystore “C:\< BIP installation directory >\win64_x64\sapjvm_8\jre\lib\security\cacerts” -alias   ALIASNAME -file ” C:\SSL\<certificatename e.g. trust.cer>”
Password – <provide password>

Note – certificate name is the name of the certificate saved in step 2. Use password “changeit” to install certificate.

8. Then go to the http://<BOE IP>:<Port number>/BOE/CMC, go to the server list and add the parameter –sun.net.ssl.enableECC=false in Lumira and APS server and restart both server.

e.g. -Dcom.sap.vm.tag=BI41SP05RTMFULL.LumiraServer -Djava.awt.headless=true -Dcom.sun.net.ssl.enableECC=false -Djavax.net.ssl.trustStoreProvider=SunMSCAPI -Djavax.net.ssl.trustStoreType=Windows-ROO…….

No comments:

Post a Comment