For the user to able to log on with his client certificate, SAP Web Dispatcher (WD) must forward it. In a SSL termination scenario, this means that the WD is authenticating itself against a SAP backend, and repasses the client certificate of the user inside a header. SAP Help. This is the scenario configured in the previous blogs and the one that must be tested. To test it, I`ll use the Fiori logon screen.
Change ICF node to use client certificate based logon
Changing the procedure can give you some popups about the current configuration; depends what was already configured.
With this, to access the ICF node, the user must send a client certificate.
Call the URL of the service in the browser. URL: https://nwgw74.tobias.de:8100/sap/bc/ui5_ui5/ui2/ushell/
A popup should appear (given that you have a valid client certificate installed). Select the right certificate.