Show TOC Start of Content Area

Background documentation Transport Layer Security  Locate the document in its SAP Library structure

SSL and SNC

Transport layer security for communication with or between SAP systems using either the Internet standard protocol Secure Sockets Layer (SSL) or the SAP interface for Secure Network Communications (SNC), depending on the underlying protocols used. See the table below.

Transport Layer Security

Protocol

Security Method Used

Comment

Internet protocols

(For example, HTTP, P4, LDAP)

SSL

SSL is a quasi-standard protocol developed by Netscape. It is used with an application protocol, for example, HTTP.

SAP protocols: dialog and RFC

SNC

SNC is an SAP interface that you can use to secure connections between SAP system components.

For an overview of the connections that support SNC, see SNC-Protected Communication Paths in SAP Systems.

Note

There are laws in various countries that regulate the use of cryptography. If you use SSL or SNC, you need to be aware of the impact these laws may have on your applications.

Protection Provided

Both SSL and SNC provide for the following protection:

·        Authentication

The communication partners can be authenticated. With SSL, you can set up the connections so that only the server component for the connection is authenticated or that both partners are authenticated. With SNC, both partners are always authenticated

      Data integrity

The data being transferred between the client and the server is protected so that any manipulation of the data is detected.

      Data privacy

The data being transferred between the client and the server is also encrypted, which provides for privacy protection. An eavesdropper cannot access the data.

External Security Products for SNC

SNC is a software layer in the SAP System architecture that provides an interface to an external security product. The interface used for the integration is the GSS-API V2 (Generic Security Services Application Programming Interface Version 2).

We do have a default security product available, the SAP Cryptographic Library. However, due to export regulations, we do not deliver this library with the SAP system. It is available for download for authorized customers on the SAP Service Marketplace at http://service.sap.com/download.

This library is also only available for use between server components. To use SNC with client components, for example, SAP GUI for Windows, you must purchase a security product that has been certified by the SAP Software Partner Program. For more information, see http://www.sap.com/softwarepartner (SNC interface).

Additional Information

Using SSL

For more information about using SSL with SAP NetWeaver, see

      AS ABAP: Configuring the AS ABAP for Supporting SSL  

      AS Java: Configuring the Use of SSL on the SAP J2EE Engine

      SAP Web dispatcher: Configuring the SAP Web Dispatcher to Support SSL  

      Guide for Automated Configuration: SSL Validation for ABAP and J2EE Systems:  http://service.sap.com/instguides  ®  Installation and Upgrade Guides  ® SAP Business Suite Applications  ® Cross-Applications Tools  ® Automated Configuration

      SAP Note 1527879 for information about about switching from HTTP to HTTPS in a complete landscape

Using SNC

For more information about using SNC, see:

      Secure Network Communications (SNC)

      Using the SAP Cryptographic Library for SNC

      AS Java: Configuring SNC: AS Java --> AS ABAP   

 

End of Content Area