Solved: Authentification with X.509 on SAP NW Java

Former Member · ‎05-25-2012

Hi experts,

A Certificate RootAuthority delivers X.509 to our users.

We want to have authentification using those X.509 on SAP NW Java. Does SAP Java able to check certificate validity in RootAuthority Server ? Does it come out of box, or do we need additionnal library ?

Thanks for your help,

mvoros · ‎05-25-2012

Hi,

it should work out of the box. Check SAP doco for more info.

http://help.sap.com/saphelp_nw72/helpdata/en/4a/41f432343f2ab1e10000000a42189c/content.htm

Cheers

mvoros · ‎05-25-2012

Hi,

it should work out of the box. Check SAP doco for more info.

http://help.sap.com/saphelp_nw72/helpdata/en/4a/41f432343f2ab1e10000000a42189c/content.htm

Cheers

Former Member · ‎05-29-2012

Hi Martin,

Thanks for your quick answer. I will be more precise in my question :

User certificate is compare to CA root authority certificate stored in PSE file (no direct request) ?

For Certificate Revocation, there is no way to send a request to CA ? The only way is to include ACL file on Java server ?

Thanks,

mvoros · ‎05-29-2012

Hi,

not sure if I understand your first question but the system needs to trust to certificate that is used to sign certificates for users. The certificate (chain of certificates) is stored in PSE. There is no call to CA to verify cert.

CRL file can be downloaded to application server to improve performance. In this case you have to update CRL by yourself. Java AS can also request CRL from CA. Hence the answer for you second question is no. You can have online request. More info.

Cheers

Former Member · ‎06-06-2012

thanks Martin for your answer. It helps.