X.509 certificates and JCo

vmolina · ‎08-11-2022

Hi everybody,

I have a java application that is using JCo to connect to SAP. We want to use X.509 certificates to authenticate, however we cannot use SAP Common Crypto Libs to do that, as where the application is hosted, we cannot generate any other files such as the .pse, cred_v2, etc. So, is it possible to use JCo with X.509 certificates without SNC? If not, is there another way to use SNC and X.509 crts?

Thanks

HAL9000 · ‎08-14-2022

As of now, JCo does not evaluate the logon parameters which you specify. So you may use any logon parameter combination, and JCo itself would not complain.

It is the target system that will evaluate the logon credentials. And an ABAP system only accepts an X.509 certificate in a classic RFC logon via an SNC secured connection. This is also what the JCo JavaDoc says at interface com.sap.conn.jco.ext.DestinationDataProvider:

The logon with X.509 certificates is based on SNC and can only be used in combination with a secure network connection.

However, this is for the RFC over classic CPIC communication.
If your SAP system already has this feature, you can give it a try with using RFC over WebSockets, where connections are secured using TLS instead.

X.509 certificates and JCo

Accepted Solutions (0)

Answers (1)

Answers (1)

Re: $count=true not forwarded to external OData V2...

Re: SAP UI5 Timeline is not in chronological order

Re: Adding a Calculated field from Item-level to S...

Re: SAP UI5 Timeline is not in chronological order

Re: SAP UI5 Timeline is not in chronological order