Hello,
I'm working on encryption between SAP-GUI and Application-Server, uses Keberos.
I don't want to use sso.
Here a list what I have done so far.
Could you read this an advise what's wrong in Setup or what is missing.
Thanks in advance
Reinhard
0) Create SNC-User SAP/snc-ce-user ( checked with: setspn - Q )
1) Create Kerberos PSE
sapgenpse keytab -p $SECUDIR/SAPSNCSKERB.pse -a SNC-CE-USER@xxxx.yyyy
-y Password
2) Create SNC SAPCRYPTOLIB
4) After step 1) and 2) there are two files in /usr/sap/$sid/DEVBMGSxx/sec
5) sapgenpse seclogin -p $SECUDIR/SAPSNCSKERB.pse -x PW -O SAPServiceSRD
6) Installation of SNC Client Encryption 2.0
7) Settings in GUI
😎 System Parameter
snc/r3int_rfc_secure 0
snc/r3int_rfc_qop 8
snc/data_protection/min 1
snc/data_protection/use 1
snc/accept_insecure_cpic 1
snc/accept_insecure_gui 1
snc/accept_insecure_rfc 1
snc/enable 1
snc/identity/as p:CN=SAP/SNC-CE-USER@xxxxxxxxx.LOCAL
snc/permit_insecure_start 1
snc/data_protection/max 3
snc/gssapi_lib $(SAPCRYPTOLIB)
RE-START SAP OK
BUT GOT an GUI ERROR
Activated Securtiy Trace. Seems to be ok.
d
- SAP Managed Tags:
Accepted Solutions (0)
Answers (2)
| User | Count |
|---|---|
| 83 | |
| 10 | |
| 10 | |
| 9 | |
| 7 | |
| 6 | |
| 5 | |
| 5 | |
| 4 | |
| 3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.