Skip to Content
Former Member
Sep 30, 2009 at 01:58 AM

SSL - How to create a certificate for a service user?


I have an SAP (PI) system to which a third party system (Siebel) needs to connect. I want that system to connect as an authenticated user and I need SSL security over the link. I don't want "&userid=xxxx,&password=yyy" in the URL for fairly obvious reasons.

I have called transaction STRUST and created server, anon client, standard client and an application client certificate. All certificates are signed using our internal PKI and corporate root certificate.

The Siebel team have provided me with both client and server certificate requests which I have signed using our internal PKI infrastructure and returned. These certificates, and the internal certifying authority root certificate chains have been installed in Siebel.

Now I want Siebel to launch an https session to access my PI system. PI should required client authentication in the SSL exchange and receive a certificate in response. Once the certificate is verified and the connection is thereby authenticated I need to assign an SAP service user to the connection.

How do I map an SAP NetWeaver userid to a certificate presented by a web client?

Does this mapping happen in the Java stack or the ABAP stack?