Enable certificate based logon – 6 Test certificate based logon with Web Dispatcher

Published by Tobias Hofmann on

1 min read

For the user to able to log on with his client certificate, SAP Web Dispatcher (WD) must forward it. In a SSL termination scenario, this means that the WD is authenticating itself against a SAP backend, and repasses the client certificate of the user inside a header. SAP Help. This is the scenario configured in the previous blogs and the one that must be tested. To test it, I`ll use the Fiori logon screen.


Change ICF node to use client certificate based logon

Transaction: SICF

Path: /default_host/sap/bc/ui5_ui5/ui2

Changing the procedure can give you some popups about the current configuration; depends what was already configured.

With this, to access the ICF node, the user must send a client certificate.


Call the URL of the service in the browser. URL: https://nwgw74.tobias.de:8100/sap/bc/ui5_ui5/ui2/ushell/

A popup should appear (given that you have a valid client certificate installed). Select the right certificate.

Let the world know
Categories: BasisSAP

Tobias Hofmann

Doing stuff with SAP since 1998. Open, web, UX, cloud. I am not a Basis guy, but very knowledgeable about Basis stuff, as it's the foundation of everything I do (DevOps). Performance is king, and unit tests is something I actually do. Developing HTML5 apps when HTML5 wasn't around. HCP/SCP user since 2012, NetWeaver since 2002, ABAP since 1998.


Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.