Configure the ICM to trust the system certificate you created for principal propagation, and map temporary certificates to ABAP users.
The Fiori front-end server is enabled to use SSL.
The Fiori front-end server trusts the technical user certificate from SAP Mobile Platform Server.
For more information, see Configuring the Fiori Front-End Server to Trust SAP Mobile Platform.
Start the Profile Editor (transaction RZ10
)
Use the value help to select the profile to edit, for example, the DEFAULT profile.
Select the Extended maintenance
radio button, and then choose Change
.
Create the following parameters:
Issuer of the technical user certificate:
Parameter name: icm/HTTPS/trust_client_with_issuer
Example values: CN=MyCompany CA, O=Trust Community, C=DE
Subject of the technical user certificate:
Parameter name: icm/HTTPS/trust_client_with_subject
Example values: CN=SCC, OU=HCP Scenarios, O=Trust Community, C=DE
Save the profile.
Open the ICM Monitor (transaction SMICM
) and restart the ICM:
Choose
.Verify that the two profile parameters have been taken over by ICM as desired:
Choose
.You can do this manually in the system as described below or make use of an identity management solution (IDM) for a more comfortable approach. For large numbers of users, rule-based certificate mapping is a good way to save time and effort. For more information, see “Rule-Based Certificate Mapping” in the NetWeaver Platform documentation at http://help.sap.com/nw_platform.
Open Assignment of External ID to Users (transaction EXTID_DN
).
Switch to edit mode.
Create a new entry.
Specify the subject of the certificate as External ID.
In the User
field, provide the appropriate ABAP user, for example JOHNDOE.
Save the mapping.
Repeat the steps for all users that shall be supported for the scenario.