Preparing the WS Provider AS Java for Certificate Authentication at Message Level

Users can also authenticate themselves with the system using X.509 certificates. Use the following procedure to configure the provider system so that it can use an X.509 certificate in the consumer system message to identify the service user under which the Web service is to be executed.

Prerequisites

The option for using signatures and encryption is selected in the consumer system.
You have exported the certificate of the consumer system that is to be used and stored it as a file.
- More information, if the consumer system is an AS ABAP: Preparing the WS Provider AS ABAP for Accepting the Signature
- More information, if the consumer system is an AS Java: Preparing the WS Provider AS Java for Accepting the Signature

Procedure

Load the user’s certificate in Identity Management in the SAP NetWeaver Administrator. Once the certificate has been successfully checked, the user to which the certificate is assigned is looged on.

In the provider system, in the SAP NetWeaver Administrator choose Operation Management Users and Access Identity Management .
Find the service user to be used, under iwhich the Web service is to be executed, and select it in the results list.
Switch to edit mode, and upload the consumer system certificate on the Certificates tab page (such as System_cert_<consumer system SID>).

Note
If the Certificates tab page is not displayed, check the UME parameter ume.logon.allow.cert.

End of the note.
To assign the certificate, save the user.