Preparing the WS Provider AS Java for Certificate Authentication at Message Level

Prerequisites

The option for using signatures and encryption is selected in the consumer.
You have exported the certificate of the consumer that is to be used and stored it as a file.
- For more information, if the consumer is an AS Java, see Preparing the WS Provider AS Java for Accepting the Signature
- For more information, if the consumer is an AS ABAP, see the AS ABAP documentation.

Context

Users can also authenticate themselves with the system using X.509 certificates. Use the following procedure to configure the provider so that it can use an X.509 certificate in the consumer message to identify the service user under which the Web service is to be executed.

Procedure

Load the user's certificate in Identity Management in SAP NetWeaver Administrator. Once the certificate has been successfully checked, the user to which the certificate is assigned is looged on.

In the provider, in the SAP NetWeaver Administrator choose Operation Management Users and Access Identity Management.
Find the service user to be used, under iwhich the Web service is to be executed, and select it in the results list.
Switch to edit mode, and upload the consumer's certificate (such as System_cert_ <consumer system SID> ) on the Certificates tab page.

Note

If the Certificates tab page is not displayed, check the UME parameter ume.logon.allow.cert.
To assign the certificate, save the user.