cancel
Showing results for 
Search instead for 
Did you mean: 

Public key certificate installation in sap abap

pnagar
Participant
0 Kudos
1,894

Dear Experts,

My client has one requirement. They need to send files from sap to the 3rd party application and they had given me certificate as below.

and they asked me to import into our development system as abap.Since i know that i need to use the tcode strust but i am having below doubts please help me on the same.

1. In which client do i need to install these certificates.

2. where in strust i have to import these certificates. strust shows below screen but i am not sure where do i need to import them.

Accepted Solutions (0)

Answers (3)

Answers (3)

Isaías
Product and Topic Expert
Product and Topic Expert

Dear Prashant,

What is the purpose of those certificates?

It is just so SAP trusts the target system?

If yes, you would usually import them at the "SSL Client (Standard)", but depending on the configuration you might have to import it on the "SSL Client (Anonymous)".
In any case, importing the certificate in both client standard and anonymous would not cause any negative effects.
However, if these certificates would be used for SAP to authenticate itself on the target system, then it would be better to create a dedicated PSE.

About how to import it

  1. Switch to edit mode (first button on the top/left, that has glasses and a pencil);
  2. 2x click on the client PSE that you want to import the certificate to;
  3. access the menu Certificate -> Import;
  4. Select the certificate file and confirm;
  5. Click at the "add to certificate list" button;
  6. Save.

Regards,

Isaías

Isaías
Product and Topic Expert
Product and Topic Expert

To clarify, the import procedure is valid if the purpose is to make SAP trust the remote website...

pnagar
Participant
0 Kudos

Dear isaias.freitas,

The purpose is that we have a 3rd party application/website to which we would be sending the data from sap S4hana.if you want me to ask the functional team like what king of data and how we would be sending it then i could get those details as well from my functional team.

Isaías
Product and Topic Expert
Product and Topic Expert
0 Kudos

Dear pnagar ,

I was referring to the purpose of the certificate itself.

For what will the certificate be used? Just so SAP trusts the erd party website? Or SAP must send it to authenticate itself (e.g., instead of using a username/password, the certificate will be presented for the authentication)?

Regards,

Isaías

dasistdochscheisse
Active Participant

The client is not important. The only client dependant part is the ACL (access control list) and you can only see this list when you use STRUSTSSO2.

Which PSE to use... that depends on the way, the abap system talks to the third party system. How is the communication established? Maybe you have to create a new PSE.

You can try it out. A change in the configuration here gets activated after a restart of the ICM. You do not have to restart the whole system. To restart the ICM, use the menu 'Environment - ICM Monitor - Administration - ICM - exit soft'. Then refresh the monitor until the ICM is up again. This might be very fast, so have a look at the 'Number' counter which is reseted by this.

pnagar
Participant
0 Kudos

Dear dasistdochscheisse

communitication to be done via https then which pse do i need to use.

dasistdochscheisse
Active Participant
0 Kudos

to be more specific: is the connection defined in SM59?

pnagar
Participant
0 Kudos

Dear dasistdochscheisse

No not defined in sm59.

dasistdochscheisse
Active Participant
0 Kudos

Hello Prashant,

if there is no RFC connection involved, i would try it with SSL-Client Standard, as Isaias said. He is right, the system cannot be harmed. You can add the certificate, try it out and delete the cert if it does not work (just restart ICM after every change). In your work directory is the file dev_icm which is the trace file for the ICM. If anything goes wrong (because of whatever, e.g. missing certificate) you can look up there which PSE is involved.