Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

X.509 client certificate import

Former Member

‎10-15-2008 3:11 PM

0 Kudos

Hi,

I am configuring X.509 certificate in our landscape (ECC 6.0 ABAP + Java stack). Users connecting from Internet should not be asked for User ID and password and this is possible via X.509 certificates.

I had enabled SSL, HTTPS and X.509 on the server.

Now I want to know how the user's client certificates are imported into their Web browsers.

<h4>I mean which certificate has to be imported? And from where we have to download this client certificate.</h4>

Appreciate your help.

Cheers,

RAJU

4 REPLIES 4

Former Member

‎10-15-2008 4:13 PM

0 Kudos

Hi Ganapathi,

Follow the below presentation. There are some slides that talk on importing X.509 certificates into User Browsers.

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b69f6f89-0a01-0010-1198-ba7fff95...

Regards,

Kiran Kandepalli.

former_member402999
Explorer

‎10-16-2008 9:38 AM

0 Kudos

Hi Raju,

you might obtain X.509 client certificates from the SAP Trust Center Services. Have a look at [http://service.sap.com/TCS] -> SAP Trust Center Services in Detail -> SAP Passports in your SAP solution.

Best regards,

Klaus

Former Member

‎10-19-2008 3:03 PM

0 Kudos

There are a lot of places you can obtain a certificate. Where you choose to obtain one depends on its intended purpose.

The previously mentined sites are useful but you need to look at your intended purpose.

If you need to secure financial transaction you can purchase client certificates from one of the many well known Certificate Authorities (CA's) like Verisign, Comodo, Thawte, or GTE Cybertrust (and many more) or you can set up your own CA.

You can implement your own CA using one of the free Certificate Authorities below.

Microsoft Windows Servers (since Windows 2000) come with a component called Microsoft Certificate Services which is a Certificate Authority (CA). The Certificate Services can be fully manual via a web page or integrated into Active Directory for either (or both) automatic certificate enrolment and distribution.

If you want to use Linux or Solaris try [OpenCA|http://www.openca.org|OpenCA.org]. It has only recently been realeased out of Beta.

There are also comercial CA's that you can purchase from several vendors.

Former Member

‎10-19-2008 3:10 PM

0 Kudos

One last point. Netweaver does not issue certificates. It is not a CA. You need to obtain certificates from a CA and have Netweaver set it to trust the CA's root certrificate. Variasign and many of the comercial CA's are already trusted.

Don't forget you also need to map the certificates to the users. This isn't done automatically!