Skip to Content
avatar image
Former Member

SNC: Using SNC to Encrypt Traffic - Client/Server (No SSO)

Hello everyone,

I am using SNC to Encrypt Client/Server GUI Traffic from Windows GUI clients to SAP AS ABAP running on Solaris 10.  SSO is not a consideration in this configuration.

I have read the "Installation, Configuration, and Administration Guide - SAP NetWeaver Single Sign-On SP1".  My AS ABAP System is now configured and running an SNC X.509 Configuration as described in section 3.1 (Starting on Page 19) of this document.  All well so far.  dev_w0 confirms SNC is enabled on AS ABAP.

My Windows GUI Installation (SAPGUI 7.30 - Patch 2) is has SNC enabled

On the "Network" tab of the given GUI Connection I have check "Activate Secure Network Communication" and have entered the same "SNC Name" as is entered in "snc/identity/as", which corresponds to the PSE that has been entered using STRUST (obviously).

The Server SNC Key is signed by a root certificate I created using "snc createroot".

My GUI won't allow the connection because seemingly it can't resolve the trust path back to my self-created rootCA (makes sense).

My question: is there any way to get the GUI to recognize and trust my self-created root-CA or am I forced into abandoning this solution and using Kerberos as described starting on Page 22 (with Section 3.2) and in this overview?

Many thanks for your thoughts...

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Jul 11, 2013 at 11:10 AM

    Hi Philipp,

    you did make use of the wrong documentation I would assume. Please check the docs at the help portal. You can also find additional information in note 1643878.



    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Patrick.  I have good news.  We now have SNC working.

      I've developed a document in consultation with our onsite SAP America Consultant which explains the process (hopefully a bit better than SAP's documentation).  It's under review and hopefully will be posted soon.