Skip to main content
Support

KB Article #182869

How to fix the vulnerability on Integrator Port 8110 Self-Signed certificate

Problem

How to fix the vulnerability on Integrator Port 8110?

How to change self signed certificate defined on Port 8110 in Integrator?

Resolution

While I am trying to get the steps to replace that certificate in Integrator, just wanted to let you know that the Mdimporter process is used in Integrator V3 for communication with Composer to deal with importing SAP metadata from SAP server. That port was unsecure till a relatively recent SP when SSL was added. A self signed certificate was added for this in version 3.7.3 SP16. Further - If .jks file is deleted (we suggest this only be done with backup) then when integrator starts some errors(~ 80 lines) will appear in starter.log ending with something like this:

WARNING:20220225:11.18.10:r4edi(starter):too many start attempts for process "SystemMDImporterTask"

In this case mdimporter task will not be started but usually this is not an issue since this task is rarely needed on production environments. It is needed mostly on development environments. If certificate is replaced on Integrator side then the corresponding truststore should be prepared also and replaced on Composer side (Composer/composer/web/integrator/truststore/integrator_truststore.zip). So you can simply remove the .jks file on Integrator side.

So, basically you can remove this keystore from server to not show during scan. In case you do not use SAP, there is no use of MDImportTask in your environment.