Hi,

SSL is supported by WebAS, and XI is just an application on top of it. The certificates are entered using the Visual Administrator, and also in the ABAP environment, depending on whether you also plan to use it with the SOAP adapter. The configuration is normally done by the basis person.

128-bit is supported. You can get certificates from various providers, e.g. Verisign. To work with a partner who has an user certificate, that user will have to provide you with his public certificate.

The XI Configuration Guide that comes with the installation CD have the instructions. Also, you can access that following weblogs for additional info:

/people/gregor.wolf3/blog/2005/10/11/setup-https-ssl-for-the-sneak-preview-sap-netweaver-04-abap-edition-on-windows

/people/thomas.jung3/blog/2005/05/13/calling-webservices-from-abap-via-https

Regards,

Bill

Thanks William. I have a question for you based on the points you have mentioned below.

You Said : To work with a partner who has an user certificate, that user will have to provide you with his public certificate.

What I have understood: The Public key will be used to ENCRYPT the Document that we are sending to our Partner (Receiver).

The Partner will be having a PRIVATE key to decrypt the above encrypted document.

The Public and Private Keys are supplied by CA, but you say "user will have to provide you with his public certificate.

I am bit confused, could you spend few more minutes to clarify me.

Thanks a million.

Could some one help me please?

Thanks.

Rohini,

What are you trying to achieve? Does your partner require the data to be encrypted when they receive your files/ payload? If so these can be achieved using third party encryption softwares like GPG/PGP and host of other java encryptions available in the marker.

If the purpose is to just transmit the file over secure channels (HTTPS), then you need to enable SSL on your XI server (and certificates come into picture)..

Thanks sSG. We are trying to send the Business Documents thru HTTPS.

If we have any special certificates thats specifi for SAP-XI Industry?

Normally who are the Popular Certificate Vendors?

Once we install the certificate, should the XI developer has to modify anything in his Scenario?

Hi Rohini,

For example, as your business partner, I would apply to a CA for a certificate. The CA would send me a private and a public key. As you mentioned, I keep the private key to decrypt messages I receive. And, I would give you the public key to encrypt the message and for authentication purposes.

When you receive my public key, you can enter it in the J2EE/ABAP configurations. During HTTPS transmission, the key is used for authentication purposes.

Regards,

Bill

Hi William,

We have 2 entities involved in encryption and decryption and I am also facing a similar issue.Do we actually require CA to receive a private key and a public key..?Cant we generate our own key pair individually at the bothe ends using tools which are available and simply exchange the public keys.As exchanging public keys oevr net/mail wont be a problem coz only the recievr with corresponding private key can decrypt the ciphertext..Please explain the hazards of not involving a certificate Authority

Thanx in advance.

mailid: akshata.m@gmail.com