Skip to Content
avatar image
Former Member

SSO thru Digital Certificate

Dear Techis.

Good Day!

I am trying to implement SSO function for webase Gui (HTTPS and SAP ECC 6 AS ABAP System) and using Digital Certificate for the user authentication.

I have already done the followings:

1- I have configured my SAP ECC AS ABAP Server for SSO / HTTPS.

2- My server is signed with SAP AG test root Server certificate.

3- I am using x.509 Client certificate

4- I have mapped this client certificate in table USREXTID

5- I have also installed the above client certificate in my browser.

But when I try to access the Server thru HTTPS web link, I get the windows give certificate error message (which is acceptable)

u201CThe Security Certificate presented by this website was not issued by a trusted certificate authorityu201D

I proceed with u201CContinueu201D option.

The System asks for the user ID and password and work fine after providing user ID/ PW.

My question is that, why my digital certificate is not being used / processed for the authentication?

Looking forward for the positive replies.

Regards

Saqib Ayub Khan

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Oct 06, 2010 at 06:01 AM

    Hi,

    it looks like authentication using SSL certificate failed and the system went back to backup method (user name and password). Have you tried to activate tracing in SMICM (Goto -> Tracelevel -> Set) to see what the problem is?

    Cheers

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Dear Martin Voros

      Thanks for the reply.

      Yes my SMICM trace level is 3, but I have not been able to identify any error message there.

      Since its trace level is 3, it wouldnu2019t be a good idea to post it here!

      Can I attaché / send it separately? Or can you tell me what exactly should I try to find from the SMICM log?

  • avatar image
    Former Member
    Oct 06, 2010 at 09:01 AM

    Hi,

    >3- I am using x.509 Client certificate

    This client certificate must be signed and the certification authorities must be imported in STRUST. Did you do that ?

    Regards,

    Olivier

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Martin Voros

      Dear Martin Voros

      Thanks for the advice, I have already checked it with the Chrome, but it didnu2019t work with it

      But now I have just downloaded and installed Firefox. Now with this change I can see some different in SMICM logs as well. You may find it from the below link!

      http://www.zshare.net/download/81231149a5af37c4/

      Thanks for the advice, I believe we are near to solve it.

      Regards

      Saqib