09-01-2006 12:20 PM
Hi all,
I wanted to inquire about 3rd party digital certificates usability within the SAP environment. for e.g can Verisign digital certificates be used within the SAP environment. Any directions/links on related reading material would be highly appreciated. How certs can help in compliance etc.
ARK.
09-01-2006 3:33 PM
service.sap.com/security>SAP netweaver in detail>
security>certified security patners>
patners for digital signatures
09-01-2006 3:33 PM
service.sap.com/security>SAP netweaver in detail>
security>certified security patners>
patners for digital signatures
09-01-2006 4:10 PM
Sorry, Keerti.
But I assume that Ahsan was asking a different question:
he has wondering whether SAP software can verify a digital signature that has been created by a different software product (and vice versa).
Well, of course that is possible. Just think of the German tax law and the <a href="http://www.elster.de">ELSTER</a> requirement (abstract: electronic transmission of tax forms/reports, encrypted, vendor-independent). Or think of (3rd party) Document Archive solutions (=> digitally signed URLs) that can be used with SAP products.
09-01-2006 4:59 PM
My bad. yes obviously we ca use third party ones.
But SAP itself provides user and system signatures from 4.6c onwards.
and well they do provide logging for audits on these through DSAL transaction.
I never worked with this concept. but did read stuff on this.
please mention if I am wrong
Message was edited by: Keerti Vemulapalli
09-01-2006 5:06 PM
Good that you've mentioned this:
<b>server signatures</b>
Yes, that is available as of R/3 4.5
The application server signs (and verifies) digital signatures using the SAPSECULIB library (provided by SAP, not subject of export control)
<b>user signature</b>
This requires an external security product (SSF).
The data will be signed at the (user) frontend, after displaying the content to the user. Each user has his own X.509 certificate (with the private key stored on the frontend; the application server has no access to it).
09-01-2006 5:43 PM
I looked up for information on this.
and I see 700495 SAP note provides a .PDF which explains more about customizing issues with DS.
09-01-2006 5:58 PM
09-04-2006 3:49 PM
Why should the usage of Digital Signatures be restricted (on a per-user base) by authorization checks?
Digital Signatures are used to check the origin and integrity of (signed) data. They might be used for user authentication (if the private key belongs to one individual user, cf. X.509 client certificates used for SSL client authentication). But where is the link to authorizations ...?!
09-05-2006 3:39 PM
Hi Wolfgang,
But I do see C_SIGN Auth. Object which allows the execution of digital signatures depending on the application and signature object.
09-05-2006 8:02 PM
Well, that authorization object was unknown to me - but I've done a little research (using SUIM, searching for that authorization object in a 6.20 system).
According to the docu the object C_SIGN is only checked when using the class CL_DS_RUNTIME and the BADI DS_AUTHORITY (BADI method AUTHORITY_CHECK).
Best regards,
Wolfgang
05-22-2007 1:35 PM
how do i implement digital signatures in adobe using sap web dynpro netweaver and abap for backend? if you can provide some documents or links that can help for the same.
02-26-2008 10:16 AM
Hi Lanij,
Check URL http://help.sap.com/saphelp_nw2004s/helpdata/en/37/504b8cbc2848a494facfdc09a359b1/frameset.htm
This gives details on Adobe functions and digital signatures
Also SDN has extensive documentation on Adobe Interactive forms and digital signatures available at
https://www.sdn.sap.com/irj/sdn/adobe
Regards