BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
japsas100
Pyrite | Level 9
Could you please guide me step by step process to configure the HTTPS on linux env.
 
We are going to install the sas va 7.3 (SAS 9.4 M3)distributed mode.
 
1 ACCEPTED SOLUTION

Accepted Solutions
JuanS_OCS
Amethyst | Level 16

Hello @japsas100,

 

no problem with 3rd Party Certificates as long as they are on the right format (PEM, with base 64 encoding).

http://support.sas.com/documentation/cdl/en/secref/69831/HTML/default/viewer.htm#n0z2rzwzxh81czn12ug...

 

For installing certificates on the server (Linux):

http://support.sas.com/documentation/cdl/en/secref/69831/HTML/default/viewer.htm#p0zy7ybr8ipu9gn1s2p...

 

For installing the certificates on the clients (Windows, I guess):

http://support.sas.com/documentation/cdl/en/secref/69831/HTML/default/viewer.htm#p188ovr3r9is2mn1bot...

 

 PS. In short: the process is exactly the same than for any other Apache server, with OpenSSL. Something you can google:

https://www.google.nl/search?q=OpenSSL+generate+certificate+RSA&oq=OpenSSL+generate+certificate+RSA&...

View solution in original post

3 REPLIES 3
JuanS_OCS
Amethyst | Level 16

Hello @japsas100,

 

asuming you want to configure HTTPS for connections from internet only, and not to secure every connection, you will need to follow this guide for the SAS Web Server (follow the caintained links as well, including the parts for the SAS Environment Manager):

 

http://support.sas.com/documentation/cdl/en/bimtag/69826/HTML/default/viewer.htm#n0nakjyj6hlqmvn11p9...

 

Once you do this, you will need to ensure your Root, CA and your certificates are imported on every SASPrivateJRE and Windows machine (Java certificate stores) from where the SAS client applications will connect. 

 

And a last bit: since probably you have SAS code (as the Databuilder queries or scripts) that are usint the LASRAuthorizationService, you will need to grep for your code and change the http values by https (or redeploy your databuilder queries)

 

To validate you are OK:

- with the SAS Management Console on the client machines, try to validate the SAS Content Server, if you get a PKIX error, you did not imported the SSL certificates correctly.

- with a web browser, try to connect to your SAS Web Server (http, not a SAS application) as https://yourserver.com. If the LOck on the URL is red, probably your certificate installed on the server is not OK.

- finally, if above are OK, ask one of your key users to validate the SAS VA application.

 

 

 

japsas100
Pyrite | Level 9

pl confrim how we can generate these two files during sas web server config:

 

x509 certificate with command name and

RSA private key

 

If we third part certifiacte then whats the process for the same.

JuanS_OCS
Amethyst | Level 16

Hello @japsas100,

 

no problem with 3rd Party Certificates as long as they are on the right format (PEM, with base 64 encoding).

http://support.sas.com/documentation/cdl/en/secref/69831/HTML/default/viewer.htm#n0z2rzwzxh81czn12ug...

 

For installing certificates on the server (Linux):

http://support.sas.com/documentation/cdl/en/secref/69831/HTML/default/viewer.htm#p0zy7ybr8ipu9gn1s2p...

 

For installing the certificates on the clients (Windows, I guess):

http://support.sas.com/documentation/cdl/en/secref/69831/HTML/default/viewer.htm#p188ovr3r9is2mn1bot...

 

 PS. In short: the process is exactly the same than for any other Apache server, with OpenSSL. Something you can google:

https://www.google.nl/search?q=OpenSSL+generate+certificate+RSA&oq=OpenSSL+generate+certificate+RSA&...

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • 3312 views
  • 0 likes
  • 2 in conversation