cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAC iOS Mobile App - how to find the right certificate for SSO to Live-BW

Stefan_Backhaus
Participant

on ‎09-07-2020 9:36 PM

Hi Community,

I want to enable SSO towards a Live-BW connection in the SAC iOS mobile app.
Which personal certificate is needed to "Import with Analytics" in the iOS sharing menu as described here (SAP HELP)

To be clear:

  • SAML2-SSO to SAC already works in a regular browser.
  • SAML2-SSO to live-BW already works in a regular browser.
  • It even works on my iPhone using Safari Browser with automatic VPN Tunnel.
  • I need the live-connection working in the iOS App

There have been similar questions asked but I can not find more details about how to obtain the correct certificate.
My "certificate-admins" in the company were no help so far because they have never seen such a strange "Import to App" thing. And SAP is dodging the bullet by just saying "your idP, your problem to figure it out".

Thanks for taking your time and helping me out.

Best regards
Stefan

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

ivanyin
Advisor
Advisor
‎09-08-2020 11:09 AM
0 Kudos

Hi Stefan,

I am not very sure about your query here. Are you asking about which cert is used for your BW Live connection authentication or how to import the cert into SAC APP?

If you don't know which cert is used, this has to be checked with your IDP team cause IDP is the real consumer of the cert.

If you have got the client certificate, please first change it to .mcert format. Then send it to your mobile by any method such as email. Then click the cert and choose Open with. You should be able to find the SAC APP icon there. Then click the icon to import the cert into SAC APP.

Regards,

Ivan

Show replies
Show replies
Stefan_Backhaus
Participant
‎09-08-2020 9:20 PM
0 Kudos

Hi Ivan,

thank you so much for taking your time answering my question.

1) Which Cert?
Yes, that was part of my question. I might have solved it after long talks with my IdP-Admins and Certificate-Gurus. I understand that SAP can not support ANY IdP setup, however some example from something common like MS AD should be available in the documentation.

For anyone looking this up later in time: I am taking this one, which is my personal identity certificate in the active directory and used for the SAML2 login to SAC.

2) How to upload

Thanks for your description. I tried this. It's well described in the above linked SAP HELP article.

However, after entering the correct Certificate password, I get an error message. The SAC mobile app log file shows this: "Error: Error Domain=NSOSStatusErrorDomain Code=500 "Trust is denied but recoverable. Please contact your IT administrator."

Certificate is valid, contains the private key, contains the full certificate path.

Any ideas appreciated.

Regards,
Stefan

Ask a Question