Start of Content Area

Procedure documentation Configuring a Trust Relationship for SAML Token Profiles Without Logon Ticket Configuration

Use

If you do not want to use logon tickets in your system landscape, you need to manually configure the trust relationship between the systems and exchange the certificates.

Prerequisites

      The X.509 client certificates for the WS Security PSEs have been signed by a Certification Authority, so that encryption can be used. The certificate contains the CA v3 extension Subject Key Identifier.

Procedure

...

       1.      Export the WS provider system certificate.

More information:

       Exporting the AS ABAP Certificate 

       Exporting the AS Java Certificate 

       2.      Import the WS provider system certificate into the WS consumer system.

       If the provider system is an AS ABAP, see Trust Manager. 

       If the provider system is an AS Java, see Importing Certificate and Key From the File System. 

       3.      Export the WS consumer system certificate.

More information:

       Exporting the AS ABAP Certificate

       Exporting the AS Java Certificate

       4.      Import the WS consumer system certificate into the WS provider system.

       If the consumer system is an AS ABAP, see Trust Manager. 

       If the consumer system is an AS Java, see IImporting Certificate and Key From the File System.  

       5.      Include the imported certificates in the access control lists of systems, if necessary

 

 

 

End of Content Area