X509 based logon – 5 – Test
After configuring your NW ABAP instance to support user logons with X.509 certificates, it is time to test the correct setup. The test is simple: access a HTTP service like Web Gui and log on by sending a user certificate.
Activate SAP Web Gui service
Tx: SICF
Select webgui and activate the service. The open the context menu of the node and click on test service. A web browser will open the following URL:
https://vhcalnplci:44300/sap/bc/gui/sap/its/webgui?sap-client=001
Normally you see a warning message. That’s because the ICM service is not configured to use a valid HTTPS server certificate. You can ignore the warning and instruct your browser to open the web site.
After trusting the server certificate for HTTPS, the browser will aks you the provide a certificate. This is because ICM was configured to ask for a certificate and your user certificate was added to the browser keystore.
Select the certificate and send it to NW ABAP. ICM will validate it and obtain a valid user session from NW. You will be logged on and see the start screen of SAP Web Gui for HTML. You just logged on to SAP without providing your password.
1 Comment
SSO Logon with X.509 certificate | It's full of stars! · July 24, 2020 at 10:00
[…] Test […]