Show TOC

SNC Scenario 1: Using a Single Key Pair for ALL ComponentsLocate this document in the navigation structure

Use

In this scenario, you create a single key pair to use for all components. Create the key pair on a single component and copy it to the other servers. For example, you can create and maintain a PSE on the AS ABAP and export it to use for other components. See the graphic below for an example of using the same PSE as the AS ABAP as on the AS Java.

Note

For SNC between server components, it is sufficient to use self-signed certificates because you always configure explicit communication partners.

Figure 1: Copying a Single PSE to all Server Components

Advantages

The initial configuration is easier in this case. All of the components share the same security information, and you do not need to exchange their public keys to establish the necessary trust relationships.

Disadvantages

Transparency decreases which makes analyzing problems more difficult. All of the components have the same key pair and the same Distinguished Name, and therefore it is more difficult to determine which key pair is actually referred to in error messages or in trace information.