Entering content frameProcedure documentation Configuring the System for Using X.509 Client Certificates Locate the document in its SAP Library structure

Procedure

  1. Configuring the SAP Web AS for Supporting SSL.
  2. Set the profile parameters snc/extid_login_diag = 1, snc/extid_login_rfc = 1 icm/HTTPS/verify_client = 1 (accept certificates) or 2 (require certificates).
  3. Restart the ICMan (using transaction SMICM).
  4. Maintain the user mapping in table USREXTID.
    1. Enter the following information in the corresponding fields:
      2.

      Field

      Value

      Comment

      Type of external ID

      DN

      Enter in the Determine Work Area: Entry dialog.

      Extern.ID

      Distinguished Name as found in the user's certificate.

      		  

      Serial no.

      Serial number of the certificate: 000 is the default value.

      Optional and not currently checked in the system.

      User

      SAP System user ID

      		 

      Min. date

      Earliest date on which the certificate is valid for logging on to the system.

      Optional and not currently checked in the system.
    2. Set the Activated indicator to activate the client certificate logon for the user.

      3. Note

      You may want to enter users' data in preparation for using certificates and activate them at a later time.

    3. Save the data.

Result

The SAP Web Application Server can accept X.509 client certificates as the authentication mechanism.

 

Leaving content frame