Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
Showing results for 
Search instead for 
Did you mean: 
Active Contributor

In part 1 of this blog series, I showed how to secure your SCC with a trusted UI Certificate:

Therefore, in this blog, I will show how to further secure your SCC with a trusted System Certificate, put your CA certificate in the Trust Store, install a SCC CA Certificate and with that enable Principal Propagation.

Installing a SCC System Certificate is very similar to installing a UI Certificate. The steps are:

  1. Generate and export a Certificate Signing request (CSR)
  2. Import and sign the CSR in your CA tool
  3. Export the resulting certificate and subsequently import it into the SCC

To import your CA certificate into your SCC, you have to export it in DER format:

Then you can import it into your SCC Trust Store:

Generating the CSR for your SCC CA Certificate is similar to the SCC System Certificate, but there is one important difference and that is 2 additional X.509 Extensions, i.e. Certificate Sign and CRL Sign. These are generated automatically by the SCC, but make sure they are present prior to singing the request:

Subsequently, your SCC CA Certificate can be imported:

And with that, Principal Propagation can be activated:

As a result, we got 2 more green boxes in the SCC General Security Status:

In my next and final blog of this series I will show how to Configure local LDAP authentication of your Cloud Connector administrators.

Labels in this area