Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Activate SNC on AS ABAP

Go to solution
TMASaphir
Explorer

on ‎2024 May 17 1:33 PM

2,674

Hello,

I am trying to activate the SNC on my ABAP server.

I am trying to create the PSE on Tcode STRUST, unfortunately I can not do it because the node 'SNC SAPcryptolib'  prevent to create a PSE.

 

Can you please advise what should I do?

thank you.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
Mark_A_Parsons
Contributor
‎2024 May 17 1:47 PM
you may want to update the tags as this doesn't fall under the tag "SAP Replication Server"; did you by any chance mean 'SAP Landscape Transformation replication server'?

Accepted Solutions (1)

Accepted Solutions (1)

DavidSolaliga
Explorer
‎2024 May 17 2:48 PM

Hi dear,

This is in this SAP note:https://me.sap.com/notes/2440692

Use transaction SNCWIZARD to configure the SNC profile parameters and create or configure the SNC SAPCryptoLib PSE.An application server restart is required for the profile parameters to take effect.The SNC SAPCryptoLib PSE now must be signed by a Certification Authority (CA) using one of the following options:

SAP Single Sign-On SeTcure Login Server PKI
Certificate Life Cycle Management using SAP Single Sign-On 3.0 Secure Login Server
Enterprise or 3rd party PKI, e.g. Microsoft Active Directory CA, using the Replace Wizard in transaction STRUST. Please refer to SAP Note 2414090.
Starting from CommonCryptoLib version 8.5.11, SNC Client Encryption can be controlled by two new profile parameters. Please use SAP Note 2338952 for details.

ccl/snc/snc_client_encryption_allowed

Enable or disable SNC Client Encryption:

0 (disabled)
1 (enabled)

Default value: 1 (enabled)

ccl/snc/snc_client_encryption_require_x509

Force X.509 server authentication in SNC Client Encryption 2.0. If you are using SNC Client Encryption 1.0 and this option is enabled, the Kerberos solution will not work:

0 (disabled)
1 (enabled)

Default value: 0 (disabled)

 

Regards,

Solaliga David

 

Show replies
Show replies
TMASaphir
Explorer
‎2024 May 21 3:02 PM
Hello David,
TMASaphir
Explorer
‎2024 May 21 3:03 PM
Hello David, while launching the tcode SNCWIZARD i have the message : 'SAPCRYPTOLIB too old' I have the version 8.5.36 of sapcryptolib. Do you know where the issue may come?
mamartins
Active Contributor
‎2024 May 21 5:01 PM
The 8.5.35 is from 03.11.2020. The current one is 8.5.54 (09.02.2024)

Answers (1)

Answers (1)

TMASaphir
Explorer
‎2024 May 17 3:14 PM

Hello David,

thank you.

When launching the SNCWIZARD Tcode, i have an error message : 'SAPCRYPTOLIB too old'

I have the Sapcryptolib Version 8.5.36 which is not so old.

Any idea what I am missing ?

thanks for the support

Best regards,

Show replies
Show replies
toscatsui
Explorer
‎2024 Jul 26 3:07 AM
2304831 - Programs fail after CCL 8.5 is installed
Ask a Question