https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/591669#M17296 <P>Hi,</P><P>&nbsp;</P><P>I'm in the process of preparing a SAS 9.4M6 Platform on a Windows64Bit server.</P><P>I successfully installed and configured the platform, but was later asked to secure it with TLS 1.2 (SSL/HTTPS).</P><P>The SAS Installation and configuration guide as well as a couple of SAS whitepapers suggest generating and importing the certificates before running the configuration in the SAS Deployment Manager.</P><P>Now in my case, the configuration was executed before dealing with the certificates.</P><P>&nbsp;</P><P>I would appreciate a recommendation on how to proceed with the security.</P><P>1. Can I just add the certificates to the already configured plateforme?</P><P>2. Should I Remove the existing configuration, Add the Certificates and configure it again?</P><P>3. Any other ideas?</P><P>&nbsp;</P><P>Thanks in advance.</P><P>&nbsp;</P> Wed, 25 Sep 2019 19:00:30 GMT ghassanzghaib 2019-09-25T19:00:30Z https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/591669#M17296 <P>Hi,</P><P>&nbsp;</P><P>I'm in the process of preparing a SAS 9.4M6 Platform on a Windows64Bit server.</P><P>I successfully installed and configured the platform, but was later asked to secure it with TLS 1.2 (SSL/HTTPS).</P><P>The SAS Installation and configuration guide as well as a couple of SAS whitepapers suggest generating and importing the certificates before running the configuration in the SAS Deployment Manager.</P><P>Now in my case, the configuration was executed before dealing with the certificates.</P><P>&nbsp;</P><P>I would appreciate a recommendation on how to proceed with the security.</P><P>1. Can I just add the certificates to the already configured plateforme?</P><P>2. Should I Remove the existing configuration, Add the Certificates and configure it again?</P><P>3. Any other ideas?</P><P>&nbsp;</P><P>Thanks in advance.</P><P>&nbsp;</P> Wed, 25 Sep 2019 19:00:30 GMT https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/591669#M17296 ghassanzghaib 2019-09-25T19:00:30Z https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/591757#M17299 <P>Hi&nbsp;<a href="https://communities.sas.com/t5/user/viewprofilepage/user-id/167422">@ghassanzghaib</a>&nbsp;</P><P>&nbsp;</P><P>You can follow the manual steps listed in the middle tier admin guide to apply SSL certs after the deployment was completed.</P><P>You should start looking at the steps from the section below in the&nbsp;<A href="https://documentation.sas.com/?docsetId=bimtag&amp;docsetTarget=n0nakjyj6hlqmvn11p9p04l25j9n.htm&amp;docsetVersion=9.4&amp;locale=en#n10aqkb89lg6c0n1ksyagv6g0ydn" target="_self">link</A>&nbsp;here.</P><P>&nbsp;</P><DIV class="xis-paraLeadIn"><PRE>If you did not choose to configure with secure sockets during the initial installation and configuration with the SAS Deployment Wizard, you can manually configure SAS Web Server to use HTTPS. Follow these steps:</PRE></DIV><DIV class="xis-paraLeadIn">This could be quite complex depending upon the architecture you are supporting, so its a good pratice to perform a cold backup of your deployment before making any changes.</DIV><DIV class="xis-paraLeadIn">&nbsp;</DIV><DIV class="xis-paraLeadIn">Thanks!</DIV> Thu, 26 Sep 2019 04:00:57 GMT https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/591757#M17299 AnandVyas 2019-09-26T04:00:57Z https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/633283#M18498 <P>Hi <a href="https://communities.sas.com/t5/user/viewprofilepage/user-id/52993">@AnandVyas</a>&nbsp;,</P><P>&nbsp;</P><P>I was able to manually fix the issues for some of the SAS Web Apps following the instructions in the admin guide and some SAS notes.</P><P>Unfortunately, it did not work for some of the other apps. So I had to change my approach by starting from scratch on a new VM, preparing the certificates after the installation and proceeding with the configuration of SSL in the configuration wizard.</P><P>&nbsp;</P><P>Thanks for your help.</P><P>&nbsp;</P> Thu, 19 Mar 2020 13:50:26 GMT https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/633283#M18498 ghassanzghaib 2020-03-19T13:50:26Z https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/633470#M18508 <P><a href="https://communities.sas.com/t5/user/viewprofilepage/user-id/167422">@ghassanzghaib</a>&nbsp; - Unfortunately your experience reinforces the importance of getting the design of your SAS infrastructure as complete as possible before installation.&nbsp;</P> Fri, 20 Mar 2020 00:50:36 GMT https://communities.sas.com/t5/Administration-and-Deployment/Securing-the-SAS-platform-best-practice/m-p/633470#M18508 SASKiwi 2020-03-20T00:50:36Z