Show TOC

Creating the Anonymous SSL Client PSELocate this document in the navigation structure

Context

The AS ABAP uses the anonymous SSL client PSE when accessing other Web servers using the SSL protocol. Note that the server does not use the information contained in this PSE for its own authentication; it only uses the PSE's information to authenticate the Web server that it is accessing. Therefore, you do not need to have the corresponding public-key certificate signed by a CA and the steps for generating and importing a certificate request are not necessary.

Procedure


  1. Create the anonymous SSL client PSE in the same way you created the SSL server PSE. Take into account that the Distinguished Name is automatically set to CN=anonymous by the system and cannot be changed.

    For more information, see Creating the SSL Server PSE.

  2. Maintain the PSE's certificate list.

    Import the root certificates from the CAs that have issued the public-key certificates to the Web servers that the AS ABAP accesses using the anonymous SSL client PSE.

    Example

    For example, if the AS ABAP accesses a Web server that possesses a public-key certificate issued by myCA, then the certificate list in the application server's SSL client PSE must contain the myCA root certificate. Otherwise the AS ABAP cannot successfully authenticate the Web server.

Results

The AS ABAP can authenticate the Web servers that it accesses using the SSL protocol.