Skip to Content

SSO Secure Login Client to Microsoft certificate store integration based on X.509 certificates

Hi experts

We are trying to implement SSO for SAP GUI based on X.509 certificates. We already have Secure Login Client installed on client PCs and existing Public Key Infrastructure (PKI). User certificates are imported to Windows certificate store on PCs. CA certificate imported also. I have all certificate files if needed.

The question is how to start to using user's certificates in Secure Login Client in Windows PC from MS Windows storage or from .crt files?



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Nov 01, 2016 at 10:39 AM

    Hi Valery,

    how do you roll out your end user certificates? If there is an existing PKI, maybe Active Directory Certificate Service, then you should already see such certificates in Secure Login Client.

    Now you have to configure your ABAP system accordingly, i.e. run SNCWIZARD, get a PKI certificate for the SNC SAPCrypto PSE, and change your SAP Logon connection to use SNC.

    Finally, in SU01, create proper SNC user names.

    Now Secure Login Client (I guess you run the current version 3.0 SP01) will simply do SNC once you start a connection in SAP GUI.

    There is a lot of documentation about this standard use case, like the product guide or even videos.

    -- Stephan

    Add comment
    10|10000 characters needed characters exceeded