CHALLENGE
You need to know how many user enrollments have been performed by Secure Login Server in a given period of time, either for auditing reasons, to optimise the system resources, to find peaks and clusters in your user´s SSO day, or to find i...
In a previous blog, I have announced that we plan to publish the REST API that allows you to implement your own Secure Login Clients. Here we go.
In general, Secure Login Server 3.0 responds with REST objects that need to be parsed and interpreted b...
SAP SSO and Secure Login Client offers an SSH Key Agent since version 2.0. However, when you have a lot of local X.509 certificates (we do not support those short-lived ones from Secure Login Server), SSH connections may fail. In most cases, this h...
The new Secure Login Server version of SAP Single Sign-On 3.0 enhanced its X.509 capabilities by adding support for Enterprise PKI products like Microsoft Active Directory Certificate Services or Certificate Management over CMS (CMC) based solutions....
The new Secure Login Server version of SAP Single Sign-On 3.0 comes with a new REST based X.509 certificate enrollment protocol. It allows other SAP products, third party developers, and customers to develop and implement their own "Secure Login" cli...
Translation, please correct if it is incorrect:Single sign-on with Kerberos authentication is implemented for connections from Analysis for Office to BW/4HANA.In order to realize this single sign-on, we recognize that it is necessary to install "Secu...
Hello,you create a new Root CA and Sub CAs.If you have name mappings in use with subjectName + issuerName, reproduce these names (i.e. the Sub CA subjectNames).Then you roll out the new Root CA to all participants, i.e. Desktops, other clients, and s...
Well, standard SSH is not PKI aware. Instead, only the pure key pair (private and public key) is used. Every new public needs to be added to the user´s $HOME/.ssh/authorized_keys file.
Secure Login Client replaces the key pair for each new short-liv...
Hi Andrew,
in fact, if it is a valid use case, you can also use your own CA, e.g. an Enterprise PKI, or some private CA, which is not publicly known and implicitly trusted by the standard browsers and clients.
Our CF plugin custom-domains does not l...