Skip to Content

Best approach to shorten long DNs (snc/identity/as)

Hi guys,

does anyone know the best approach since SSO 3.0 and CommonCryptoLib how to shorten long certificate DNs? I remember vague to a gss_alias function but don't know for sure. The ccl/snc/namealias/ only works for client certificates. I am looking for ways to shorten a long SNC identity (server certificate).

Thank you.

Cheers, Carsten

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • avatar image
    Former Member
    Dec 20, 2016 at 07:47 AM

    Dear Mr. Colt,

    To shorten the SNC server name, a configuration should be made on the client side. SAP SSO 3.0 did not offer such configuration.

    KR

    Valerie

    Add comment
    10|10000 characters needed characters exceeded

  • Dec 20, 2016 at 08:27 AM

    Dear Valerie,

    thanks, I was afraid about that. If you don't mind, could you please point me to that specific configuration you are taking about?

    Cheers,

    Carsten

    Add comment
    10|10000 characters needed characters exceeded

  • Dec 20, 2016 at 11:31 AM

    Hi Valerie!

    We tried adding the following to gss.xml on the client. I can see in the SLC trace that gss.xml is found as well as the <nameconversion> tag. But the conversion doesn't take place. Anything we are doing wrong?

    My AS ABAP has: p:CN=QH1SNC

    gss.xml:

    <nameconversions>
    <searchstr>CN=QH1SNC</searchstr>
    <replstr>CN=QR1SNC</replstr>
    </nameconversions>

    Trace says: ccl/snc/namealias/value_0 = CN=QR1SNC

    But nothing is happening.

    Thanks

    Michael

    Add comment
    10|10000 characters needed characters exceeded