Skip to Content

CC 7.0.7 - Client connection w/o certificate

Hi together!

I have set up a SAP CC 7.0.7 system by following the Installation and Configuration guides.

Now I've noticed that I am able to login to the CDT Client without having imported the client certificate to the Client-PC.

I don't use SSO (single-sign-on) but want to to restrict access to the system to clients that have the certificate only.

Any suggestions about a missing checkbox or something else?

Which settings should I validate?

Thanks,

Robert


Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Nov 06, 2014 at 11:22 AM

    Hello Robert,

    you must have trusted root certificate to be installed on the client workstation to connect to BCM system. If the client computers "can see" certificate server you do not need client certificate to be installed on it.

    BR,

    Anton.

    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Robert

      It seems that you might be trying to achieve something that is not supported in the product; a shared client certificate (+ respective private key) for multiple clients to use and for SAP CCtr to verify, and just after that to request for user id and password.

      So we have to back what @Alexander Kupke already said.

      The confusion can partly be caused by the use of term “client certificate” in SAP Contact Center (BCM) documentation when talking about the server certificate of COS.

      The possession of certificate (chain) of the issuer of COS certificate is not a secure way of authorizing users/PCs to connect to COS. With proper tools, it could be possible to grab the issuer’s certificate from network communications between PC and COS.

      BCM6 shouldn't have behaved differently in this respect, unless there was erroneous COS certificate validation in the terminal in certain scenarios.

      Kind Regards,
      -Lasse

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.