We are enabling SSO between SAP Web AS 6.40 and an External Pension Web System. We need to append a digital signature to the URL that accesses the Pensmart system.
We are using function module SSF_KRN_SIGN_BY_AS to generate digital signatures for input string 'UID=111223333&PID=ABCXYZ'. The digital signature is then base64 encoded using function module SSFC_BASE64_CODE. However the digital signature value differs every time a signature is generated although the input string remains the same. Authentication fails at Pensmart system because the digital signature cannot be verified. Any help on how to use SSF_KRN_SIGN_BY_AS for digital signatures or different options on digital signature generation will be appreciated! (I have already gone through SSP Programmers guide.)
We are using X.509 client certificates for PKI, SAP CRYPTOLIB as security toolkit. certificate uses RSA algorithm and was created using SSF_CREATE_PSE report as per OSS note 836367.