Hardening a SAS Installation on a multi tier installation on Linux

'OpenSSL Signing CSR Generated by keytool' tutorial was cited in a SAS Global Forum 2013 paper in 2013.

The "OpenSSL" Signing CSR Generated by "keytool" tutorial was cited in a SAS Global Forum 2013 paper in 2013.

Subject: Hardening a SAS Installation on a multi tier installation on
Date: Apr 10, 2013
Author: Jan Bigalke
Source: http://support.sas.com/resources/papers/proceedings13


The security requirements of today require in some use cases the
hardening of a SAS® Installation. This paper describes the practical
steps of securing the SAS web applications and the impact to the
Base SAS® Services on the SAS compute tiers. The SAS Enterprise BI
Server will be the object of this explanation. The principals of a
secure architecture will be described and the options to secure the
individual components presented.



Transport Layer Security (TLS) is a cryptographic protocol that
secures the communication on the application layer. In the proposed
architecture approach TLS/SSL is used to secure the communication with
the reverse proxy. To provide a convenient approach for the users of
the SAS Installation we will use signed certificates. The use of self
signed certificates has the disadvantage of end users having to accept
an exception to use the SAS Services. For a signed certificate a CA
(Certificate Authority) is necessary. The browser needs only the
certificates from the CA and not the explicit ones of the reverse
proxy. For TLS/SSL a certificate signing request (CSR) is a method to
get a signed certificate. This request can be generated with openssl6.
In addition, the signing of the CSR can be done with openssl. In this
case the openssl x509 –req command is used. In this case the access to
CA Key is necessary.

Commands to create a CSR: Request and sign this CSR request


6 http://linux.about.com/od/ubusrv_doc/a/ubusg25t12.htm
7 http://www.herongyang.com/crypto/OpenSSL_Signing_keytool_CSR_4.html
8 http://support.sas.com/resources/thirdpartysupport/v92m3/appservers

Table of Contents

 About This Book

 Reference Citations in 2020

 Reference Citations in 2019

 Reference Citations in 2018

 Reference Citations in 2017

 Reference Citations in 2016

 Reference Citations in 2015

 Reference Citations in 2014

Reference Citations in 2013

 (Android) Getting Current Date and Time

 Deatil View with other language

 Ordering and Installing SSL

 JDK (JBoss/Tomcat) SSL Issue

 Web-palveluiden koostaminen: web- ja RESTful-palvelut

 Corso di Architetture Orientate ai Servizi

Hardening a SAS Installation on a multi tier installation on Linux

 [scala-user] for-loops still not optimized in 2.10?

 .bin/.cue - the purpose of .cue?

 (horror movie) com.hellogood.eCalendar

 Using keytool to convert bks file to p12

 Error while using LWP::Socket to send XML Data

 jdk 1.7 keytool doesn't save

 Distributed Key System Broken Up Over Multiple Nodes

 Upgrading to a Mantis UTF8

 Cant receive MMS with wifi turned on

 Including and using the MySql.Data.dll on your web host server

 Spring Download (in Korean)

 Android Data Storage Folders

 Distributed Key Systems: Enhancing Security...

 WP Spreadplugin Basket not shown

 How do you get multiple resultset from a single CallableStatement?

 Blowfish Cipher Algorithm in Java

 Harmonics Systems for Time Mining

 Reference Citations in 2012

 Reference Citations in 2011

 Reference Citations in 2010

 Reference Citations in 2009

 Reference Citations in 2008

 Reference Citations in 2007

 Reference Citations in 2006

 Reference Citations in 2005

 Reference Citations in 2004

 Reference Citations in 2003