Hi Jorge,
if the UME is used with an ABAP based system as the back-end user storage, do the following:
Generate and export the Portal Certificate:
Go to Visual Administrator
Choose <SID> - Server - Services - Key Storage - from the tree Select the view TicketKeystore under Views
If the SAPLogonTicketKeypair exist, delete it.
If the SAPLogonTicketKeypair-cert exist, delete it.
Generate a portal certificate using the following steps:
Under Entry choose Create.
Enter the folowing values in u201CKey and Certificate Generationu201D
Organization Unit Name (OU) = J2EE
Common Name (CN) = <SID>
Entry Name = SAPLogonTicketKeypair
Store Certificate: X
Algorithm: DSA
Click u201CGenerateu201D
Import the Portal Java Certificate into ABAP
STRUSTSSO2
System PSE:
u201CImport Certificateu201D - Choose your exported .crt file - File format = Binary
Click u201CAdd to Certificate Listu201D
Click u201CAdd to ACLu201D - System ID = <SID>, Client = 000
save it.
Export PSE ABAP Certificate and import into J2EE Portal:
STRUST
Choose PSE, export it and save as <SID>.pse
sapgenpse export_p12 -p <SID>.pse <SID>.p12
copy the generated p12 file <SID>.p12 to J2EE Portal
Go to Visual Administrator
Choose <SID> - Server - Services - Key Storage - from the tree Select the view TicketKeystore under Views
export the .p12 ABAP certificate with "Load"
adjust com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule:
Choose <SID> - Server - Services - Security Provider - from the components tree select evaluate_assertion_ticket
ensure that trustediss<n>, trusteddn<n>, trustedsys<n> are correct set.
ume.configuration.active = true.
restart the ICM in SMICM
If you also want to use SSL, there are some further steps to be done.
Regards,
Gerd
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.