cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to enable Certificate based Authentication with Sap Commerce Cloud as Server and Client

Go to solution
SAPSupport
Employee
Employee

4 weeks ago

178

We have two scenarios as explained below.

 

1) We are currently connecting with C4C system with basic authentication

How to move it to client based authentication when connecting from SAP Commerce Cloud to C4C directly?

 

2) We have commercewebservices Rest API hosted in SAP Commerce cloud and there are clients invoking it. We are currently using basic authentication (username, password) for connecting the clients.

Please help with the steps to enable certificate-based authentication for connecting from Client systems to SAP Commerce Cloud.

 


------------------------------------------------------------------------------------------------------------------------------------------------
Learn more about the SAP Support user and program here.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
SAPSupport
Employee
Employee
4 weeks ago

Please see Using X.509 Client Certificates for Outbound Request the guide to use client certificates for outbound request.

When client systems connects to SAP Commerce Cloud, please refer to Trusted CA Certificates for Client Authentication.

Show replies
Show replies
Sugapriya
Discoverer
3 weeks ago
0 Kudos
For SAP Commerce cloud inbound client certificate authentication, Can you please let us know how to generate certificates with private key specific to user connecting to commerce webservice calls. Is client certificate authentication is supported in Sap commerce cloud in OOB The link you have shared only talks about how to add/delete/remove CA Certificate. Also please guide us on the code/configuration changes to be done for validation of certificate
jane_zhu2
Associate
Associate
3 weeks ago

Hi Sugapriya, 

SAP Commerce Cloud doesn't provide CA client certificate.

For inbound scenario, i.e. user/client connecting to commerce webservice calls, you need to follow the inbound guide, i.e.provide trusted CA client certificate for your client and imported to commerce cloud domain.

When a client tries to establish a connection with the Commerce system, it uses a client certificate that is issued by the same trusted CA whose certificate was previously imported. In addition, the Common Name (CN) in the certificate's subject field matches one of the allowed domains.

Once the client presents its certificate, the Commerce system verifies the client's certificate against the imported trusted CA certificate to ensure it is valid and trustworthy. 

See Trusted CA Certificates for Client Authentication.

And there is no other code/configuration change needed to validate the certificate. Validation will happen when client connects to Commerce Cloud domain for corresponding request.

 

Ask a Question