It's full of stars!

  • All Content
  • About

Basis

Basis SAP

X.509 troubleshooting – Send X.509 Certificate in HTTP Header

In many cases a proxy is placed between the end user and the SAP backend, like a Web Dispatcher. User –> Proxy (intermediate) –> SAP The proxy / intermediate receives the user certificate, extracts and adds it to HTTP header SSL_CLIENT_CERT. When a connection to the SAP backend is opened, Read more…

By Tobias Hofmann, 5 yearsJuly 20, 2020 ago
Basis SAP

X509 based logon – 5 – Test

After configuring your NW ABAP instance to support user logons with X.509 certificates, it is time to test the correct setup. The test is simple: access a HTTP service like Web Gui and log on by sending a user certificate. Activate SAP Web Gui service Tx: SICF Select webgui and Read more…

By Tobias Hofmann, 5 yearsJuly 17, 2020 ago
Basis SAP

X509 based logon – 4.4 – User logon with rule based mapping – Specific user

For this configuration step, the same pre-requisites as for 4.2 apply. This option is like a technical user with X.509. The logon is done with a X.509 certificate, and a fix SAP user is assigned. That is, your user will always log on with the same user id in SAP, Read more…

By Tobias Hofmann, 5 yearsJuly 16, 2020 ago
Basis SAP

X509 based logon – 4.3 – User logon with rule based mapping – Alias

Besides mapping a X.509 user to a given user ID in an SAP system, you can also map the user by an alias or to a specific user. In step 4.3 I’ll show the configuration for alias mapping, and in 4.4 for a specific user. Create alias for user Tx: Read more…

By Tobias Hofmann, 5 yearsJuly 15, 2020 ago
Basis SAP

X509 based logon – 4.2 – User logon with rule based mapping – user name

This configuration is about enabling the user to log on via X.509 and get a valid SAP user assigned by mapping a property from the certificate to an SAP user property. Mapping the user via a wizard is the recommended approach. For this to work, you need to enable certificate Read more…

By Tobias Hofmann, 5 yearsJuly 14, 2020 ago
Basis SAP

X509 based logon – 4.1 – Enable users for logon on NW ABAP – Mapping table

This approach is considered legacy, deprecated and is not recommended any longer by SAP. I just include this here as a reference for those that cannot update. Tx: SM30 Table VUSREXTID External ID Type DN Add a new entry. Switch to edit mode. Click on new entries A new entry Read more…

By Tobias Hofmann, 5 yearsJuly 13, 2020 ago
Basis SAP

X509 based logon – 3 – Create a user certificate

The user needs to have a valid X.509 certificate to be able log on at the SAP System (via ICM service). This certificate is issued by the intermediate CA. Create a CSR for a user and let the intermediate CA sign it. Following my own blogs, I get a certificate Read more…

By Tobias Hofmann, 5 yearsJuly 10, 2020 ago
Basis SAP

X509 based logon – 2 – Add CA certificates to PSE

Certificates are based on trust. Trust is established by trusting a PKI and the CA that issues certificates. To establish the trust needed for X.509 based user logon, import the certificates of the issuing PKI. In my case, I do have a root CA and intermediate CA. I’ll have to Read more…

By Tobias Hofmann, 5 yearsJuly 8, 2020 ago
Basis SAP

X509 based logon – 1 – Configure ICM to accept client certificates

SAP Help Configuring the SAP Web AS for Supporting SSLicm/HTTPS/verify_clientConfiguring the AS ABAP to Use X.509 Client Certificates A pre-requisite is to configure NW ABAP to support TLS / HTTPS. To be able to log on to NW ABAP using a X.509 user certificate, the ICM service must be configured Read more…

By Tobias Hofmann, 5 yearsJuly 6, 2020 ago
Basis SAP

Troubleshooting – OAuth 2.0 NW ABAP token service return HTTP 500 Internal Server Error

Problem After sending a request to the access token endpoint /sap/bc/sec/oauth2/token you get an internal server error 500. Investigation Tx: SA38 Program: SEC_TRACE_ANALYZER Run program. Select OAuth varian: click on Get Variants Click on Activate Trace is active. Reproduce the issue. The log trace for the user will show the Read more…

By Tobias Hofmann, 5 yearsMay 12, 2020 ago

Posts navigation

Previous 1 2 3 4 … 16 Next
  • Datenschutzerklärung
  • Impressum
  • Cookie-Erklärung
Hestia | Developed by ThemeIsle