Hi Experts,
in one of our current projects we need to implement an Secure Login Server behind an Web Application Firewall (WAF) acting as a reverse proxy.
The WAF terminates the SSL connection from the Client and then talks to the SLS using HTTP only, possible to again re-encrypt and talk via SSL to the SLS.
SLC -- HTTPS/SSL --> WAF (SSL termination) -- HTTP --> SLS
I´ve not done this configuration yet but maybe one has some experience what to consider and IF this is possible, as the SLC is not a "classical" web application like a browser (XML/SOAP) this may be harder for the WAF to forward. SAP have you any recommendations about how to configure such a scenario? The customer is not using an 3rd product for reverse proxy/WAF.
Thx and best regards,
Carsten