Show TOC

 Executing Digital Signatures Locate this document in the navigation structure

Use

You carry out this procedure in the PI sheet if only one digital signature is required for the following functions:

  • To complete a process step

  • To accept an input value in an input validation

Prerequisites

  • If you use the user signature as your signature method , you need an external security product that is linked to your SAP System using the basis component Secure Store and Forward (SSF) .

  • In Customizing for Control Recipe Destinations , it has been specified that you must execute a digital signature to sign a process step in the PI sheet.

  • No signature strategy has been assigned to the control recipe destination or the process instruction, that is, only one signature must be executed.

  • The following authorizations have been assigned to you (authorization object C_CRPI_BER):

  • The authorization to execute digital signatures in PI sheets

  • If required, a maintenance authorization for the PI sheet, which is defined in the process instruction

Procedure

  1. Enter your user name as the signature.

The system checks whether you have maintained all data for the process step. If this is the case, the dialog box for executing the digital signature appears.

  1. If required, enter a comment in the text field.

  2. If you use the user signature as your signature method , make sure that the system can access your Personal Security Environment (PSE) .

How you do this depends on your security product. If you use a smart card reader, for example, insert your smart card in the reader.

  1. Enter your password in the dialog box for the digital signature and choose ( ) Continue .

The system checks:

  • Whether you are authorized to execute a digital signature

  • Whether your entries match the data in your user master record

  • Whether your entries match the data in your PSE (if you use user signatures)

Depending on the results of these checks, processing is continued as follows:

  • If your entries are invalid or the system cannot access your PSE, it takes you back to the dialog box where you can execute your signature again (step 4).

The function is canceled after a certain number of unsuccessful attempts that can be defined specifically for each customer. The user is locked and can no longer execute digital signatures. If a system signature was used, the user is even locked against logging on to the system again.

  • If your entries are correct, the data is reported or the input value is accepted.

Result

The process messages of this process step are transferred to process management, which sends them to the corresponding destinations. You can no longer change the data pertaining to the message in the PI sheet.

The signatory name is transferred to the PI sheet.

Detailed data about the signature, such as the signatory's name and user ID, comment, date, and time, are saved along with the signature.