on 03-02-2015 10:36 AM
Hi Folks,
I set up a c-based (NW 7.20) tRFC-Server-Connection (TCP/IP) to SAP (NW 7.40).
Now I want to secure this connection using the SAP Securelibrary (secgss.dll), but without SSO.
--
I took the following steps in the SAP R/3-Backend:
- configured SAP for SNC in RZ10:
snc/enable = 1
snc/permit_insecure_start = 0
snc/accept_insecure_rfc = 1
snc/accept_insecure_cpic = 0
snc/accept_insecure_gui = 1
snc/data_protection/use = 3
snc/identity/as = p:CN=SAP/SAPServiceEC6@<xyz>.de
snc/gssapi_lib = /usr/sap/EC6/DVEBMGS00/sll/libsecgss.so
snc/data_protection/min = 2
snc/data_protection/max = 3
snc/r3int_rfc_secure = 0
snc/r3int_rfc_qop = 3
snc/force_login_screen = 0
snc/only_encrypted_gui = 1
snc/only_encrypted_rfc = 2
snc/extid_login_rfc = 1
abap/use_paging = 0
- configured the user using SU01
p:CN=SAP/SAPServiceViadat@<xyz>.de
unsecure logins are allowes
- configured the connection in SM59
Partner: p:CN=SAP/SAPServiceViadat@<xyz>.de
snc active
- created the certificate for sapcryptolib in STRUST
- set the ACL in SNC0 for my partner
vsl501810.VIADAT.viadat / p:CN=SAP/SAPServiceViadat@<xyz>.de
--
Programming actions:
- configured the c-based rfc-server-connection to use SNC.
SET the SNC_LIB path
set the SNC-Options to use.
I can login with SNC,but everytime I'm trying to test my rfc-connection in SM59 I am getting the errormessage "no credentials were supplied).
I've attached my latest trc-file (as a txt-file).
Can anyone help?
Thanks,
Ben
Hallo all,
finally got a solution:
1. We had to download the 32bit of the SAPCRYTPOLIB, 32bit code. The secgss.dll only works for the SAPGUI.
2. We had to create pse-certificates in SAP R3 and on client side. And exchange them.
3. The environment varialbles SECUDIR and and SNC_LIB must be set on client-side.
4. The SECUDIR environment variable must be set using "setenv SECUDIR" on bashrc. As we are using CENTOS as Unix-host and SAP did not set the variable correctly.
That's all.
Regards,
Ben
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Siddesh,
my rfc-programm is loading the login-parameters from database and is setting them during runtime.
The "normal" rfc-connection works, but the SNC seems to loose some parameters during runtime.
Regards,
Ben
Hello Siram,
I compiled my rfc-sourcecode against the 7.20-Version of the SAPNetweaver-Library. Just our SAP-Backend is Netweaver 7.40. I am not shure if this has any interoperbility-issues.
Regards,
Ben
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
sorry benjamin, I understood perfectly now, what you are trying to do, skimmed through the RFC sdk (interesting to read).
I had a look at your trace file again, looks like as you said, the SNC connection is being opened correctly, however communication thereafter is giving an error which is described in the note below.
http://search.sap.com/notes?id=0000962532
The note specified isn't valid for your version of rfc library or kernel, however you may have discovered a potential issue with either 7.20 RFC SDK or the relevant kernel of 7.40 abap server.
I would suggest you log a message with SAP.
sorry, can't help further.
Regards,
Siddhesh
Great,
You can also check the version of librfc32.dll or librfc32u.dll, check if it correctly matches the NW 7.20 RFC sdk, sometimes it doesn't get overwritten properly and causes all sorts of problems.
336693 - Replacing or installing librfc32.dll on Microsoft Windows
Regards,
Siddhesh
Hi Benjamin
I not sure SAP NW 7.20 will not support to NW 7.4 Could you refer the SAP Note along with PDF for Interoperability within the SAP systems.
1388258 - Version Interoperability within the SAP Business Suite
BR
SS
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
95 | |
11 | |
11 | |
10 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.