Repository Specific Guides
...
Link Enterprise for M365
Installation and Base Configur...

WebSocket RFC (Cloud Connections)

7min

Cloud Configuration

The Cloud Configuration allows on-premise solutions to communicate with Internet based Gimmal Link Enterprise servers over HTTPS/SSL.

Import Certificate

To allow SSL handshake between SAP and a hosted Link Enterprise Environment we require importing Gimmal Link Enterprise public certificate into SAP's Trust Manager.

  1. In SAP start the Trust Manager (STRUST)
  2. Import the Gimmal Link Enterprise public certificate into SSL Client (Standard) (This will enable SAP to identify Gimmal certificate during TLS handshake)
  3. Enter Change Mode (Ctrl + F1)
  4. Click SSL Client Standard. Click Import and select the Gimmal Link Enterprise public certificate provided. Click Add to Certificate List and Save

Export Certificates

The Gimmal Link Enterprise middleware requires an export of the SAP public root certificate for SSL Client and SSL Server. This is to identify the SAP system connecting into the hosted environment.

  1. In SAP start the Trust Manager (STRUST)
  2. Export the root certificate from SSL Client (Standard) and SSL Server (Standard).
  3. Click SSL server Standard and double click the subject

    Document image
    
  4. It will be appear in the Certificate section
  5. Scroll down and export (provided below is a sample image) of export icon

    Document image
    
  6. Click SSL server Client and double click the Subject
  7. Scroll down and export the certificate

    Document image
    
  8. Send both certificates to your Gimmal representative

Setup RFC Destination

To enable a endpoint for the SAP to connect into the middleware we require an RFC Destination to be created

  1. Visit transaction SM59
  2. Click Create and give the destination an appopriate name. An example is Z<TYPE>_<NAME>
  3. Ensure the connection type is type 'W'

    Document image
    
  4. Under technical settings we need to prove the Target System Settings
  5. For host name enter the provided hostname given to you by your Gimmal Representative
  6. For port enter the provided port given to you by your Gimmal Representative
  7. Document image
    
  8. Click the Logon & Security tab and enter Language as EN
  9. Set the Explicit Client to by Hostname
  10. Set the Authentication Method to by X.509 certificate
  11. Under Security Options set to SSL Client (Standard)
  12. Document image
    
  13. Click Save
  14. Provide the RFC Destination to your Gimmal representative

Firewall

The firewall needs to be configured to allow HTTPS traffic through to the Gimmal Link Enterprise server. To find or define these ports:

Inbound Rule

  • In SAP, review the value for icm/server_port_x (where x=0,1,2,3...,n) that is used for HTTPS. This port will need to be opened for inbound traffic to the SAP system.

Outbound Rule

  • Review the section Setup RFC Destination for the port that has been configured in SM59 for the WebSocket RFC communication to the Gimmal Link Enterprise Server.
  • This port will be given to you by the Gimmal representative

Changing Profile Parameters

To allow quick setup of websocket connetivity we can dynamically change the parameters to quickly confirm connectivity. Work with your SAP BASIS to configure the parameters to hold.

  1. Enter transacation RZ11.
  2. Type in rfc/websocket/external_active
  3. Change the value from 2 to 1. (This will allow us to bypass UCONN and enable logon, even if UCON is not activated and configured)
  4. Confirm ucon/websocketrfc/active is set to 1.