Show TOC

Maintaining the User's Certificate InformationLocate this document in the navigation structure


  • The UME property ume.logon.allow_cert is set to TRUE .

    You can edit this property with the SAP NetWeaver Administrator:

    1. Go to Start of the navigation path Configuration Management Next navigation step Security  Next navigation step  Authentication and Single Sign-On End of the navigation path.

    2. Choose the Properties sub-tab and choose the Modify button.

    3. Select the checkbox of the ume.logon.allow_cert property.

    4. Save the changes.

  • You have user administration rights for using the UME user management administration console.


When using SSL and client certificates for user authentication, the user is identified using a client certificate. To allow the AS Java to identify users, their client certificate must be available in their user account. There are several options:

  • The administrator imports users certificates manually and adds them to the user's data. The following procedure describes the steps required.

  • Users map their own certificates to their user ID at logon. The administrator does not need to perform any steps.

  • Users' certificates are already stored as a user attribute on the LDAP directory. In this case you need to map the relevant attributes. For more information, see Attribute Mapping for Client Certificates . You do not need to perform the steps in the following procedure.


  1. Start identity management.

    For more information, see User Administration Console .

  2. Select a user.

  3. Modify the user.

  4. On the Certificates tab, maintain the user's certificate.


    If the Certificates tab does not appear, check the UME parameter ume.logon.allow.cert .


The user can log on to the AS Java using SSL and this client certificate for authentication.