Skip to Content
0

Best approach to shorten long DNs (snc/identity/as)

Dec 20, 2016 at 07:25 AM

69

avatar image

Hi guys,

does anyone know the best approach since SSO 3.0 and CommonCryptoLib how to shorten long certificate DNs? I remember vague to a gss_alias function but don't know for sure. The ccl/snc/namealias/ only works for client certificates. I am looking for ways to shorten a long SNC identity (server certificate).

Thank you.

Cheers, Carsten

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Valerie Kouatchou-Sunou
Dec 20, 2016 at 07:47 AM
0

Dear Mr. Colt,

To shorten the SNC server name, a configuration should be made on the client side. SAP SSO 3.0 did not offer such configuration.

KR

Valerie

Share
10 |10000 characters needed characters left characters exceeded
Carsten Olt Dec 20, 2016 at 08:27 AM
0

Dear Valerie,

thanks, I was afraid about that. If you don't mind, could you please point me to that specific configuration you are taking about?

Cheers,

Carsten

Share
10 |10000 characters needed characters left characters exceeded
Michael Kummer Dec 20, 2016 at 11:31 AM
0

Hi Valerie!

We tried adding the following to gss.xml on the client. I can see in the SLC trace that gss.xml is found as well as the <nameconversion> tag. But the conversion doesn't take place. Anything we are doing wrong?

My AS ABAP has: p:CN=QH1SNC

gss.xml:

<nameconversions>
<searchstr>CN=QH1SNC</searchstr>
<replstr>CN=QR1SNC</replstr>
</nameconversions>

Trace says: ccl/snc/namealias/value_0 = CN=QR1SNC

But nothing is happening.

Thanks

Michael

Share
10 |10000 characters needed characters left characters exceeded