Transport Layer Security

Transport layer security for communication with or between SAP systems using either the Internet standard protocol Transport Layer Security (TLS) or the SAP interface for Secure Network Communications (SNC), depending on the underlying protocols used.

See the following table:

Protocol	Security Method Used	Comment
Internet protocols (For example, HTTP, P4, LDAP)	TLS	TLS, commonly referred to as SSL, is used with an application protocol, for example HTTP.
SAP protocols: dialog and RFC	SNC	SNC is an SAP interface that you can use to secure connections between SAP system components.

Protection Provided

Both TLS and SNC provide for the following protections:

Authentication

The communication partners can be authenticated. With TLS, you can set up the connections so that only the server component for the connection is authenticated or that both partners are authenticated. With SNC, both partners are always authenticated.
Data integrity

The data being transferred between the client and the server is protected so that any manipulation of the data is detected.
Data privacy

The data being transferred between the client and the server is also encrypted, which provides for privacy protection. An eavesdropper cannot access the data.

Security Products for SNC

SNC is a software layer in the SAP System architecture that provides an interface to an external security product. The interface used for the integration is the GSS-API V2 (Generic Security Services Application Programming Interface Version 2).

We do have a default security product available, the SAP Cryptographic Library. For more information, see SAP Note 1848999 Information published on SAP site .

SAP Cryptographic Library is also only available for use between server components. To use SNC with client components, for example, SAP GUI for Windows, use SAP Single Sign-On or purchase a security product that has been certified by the SAP Software Partner Program.

For more information about SAP Single Sign-On, see http://help.sap.com/sso Information published on SAP site .

For more information about the SAP Software Partner Program, see http://www.sap.com/softwarepartner Information published on SAP site (SNC interface).

More Information

Using TLS

For more information about using TLS with SAP NetWeaver, see the following:

SAP NetWeaver AS for ABAP: Configuring the AS ABAP for Supporting SSL
SAP NetWeaver AS for Java: Configuring the Use of SSL on the AS Java
SAP Web Dispatcher: Configuring the SAP Web Dispatcher to Support SSL
Guide for Automated Configuration: SSL Validation for ABAP and J2EE Systems: https://support.sap.com/en/tools/software-logistics-tools.html LM Automation SSL Validation.

Using SNC

For more information about using SNC, see the following: