Maintaining
RFC Destinations and their SNC Options
Using
Transaction SM59
Use
Use transaction SM59 to maintain RFC destinations and their SNC options.
When maintaining the SNC options for RFC destinations using transaction SM59, you specify the following SNC information:
· SNC mode for the connection (active or inactive)
· Quality of protection (QoP)
· SNC partner name
The other SNC-relevant settings (the application server's SNC name, the location of the external library, the maximum quality of protection, and the default quality of protection) are applied as defined in the application server's instance profile (see Profile Parameter Settings on AS ABAP).
If the RFC destination is an external RFC server program (Activation type = Start), then note the following:
● If you specify the external server program to start on an explicit host, then you need to specify the SNC name of the partner host in the SNC options to use SNC for the connection.
● If you specify the external server program to start on the application server or on the frontend workstation, then the SNC name of the partner is automatically derived from an existing secure path and you do not need to specify the SNC name of the partner in the SNC options. (In this case, the field for the SNC name is not activated.)
Prerequisites
Before you can maintain the SNC information, the RFC destination must be defined and SNC activated on the application server.
Procedure
From the Display and maintain RFC destinations screen (transaction SM59):
...
1. Place the cursor on the destination to change and choose Change.
2. Select the Logon & Security tab page.
3. Choose Edit → SNC Options.
The Change View "SNC extension: Details" screen appears.
4. Enter the quality of protection in the QOP field.
5. Unless the destination is an external program that starts on the frontend workstation (see the note above), enter the SNC name of the communication partner in the Partners field.
6. Save the SNC options.
You return to the destination maintenance screen.
7. Activate SNC.
Quality of Protection (QoP)
The following rules apply to the relationship between the QoP entered in the destination and the QoP configured in the application server's profile parameter:
● The RFC destination's QoP can be smaller than the application server's snc/data_protection/min or larger than the application server's snc/data_protection/max.
● If the RFC destination's QoP is larger than the level provided by the external security product, then the largest possible QoP is used.
● If the RFC destination's QoP = 8 (default), then the QoP value from the application server's snc/data_protection/use is used.
● If the RFC destination's QoP = 9 (maximum), then the QoP value from the application server's snc/data_protection/max is used.
Set the QoP to either 8 (default) or 9 (maximum value).