on 11-04-2013 4:08 PM
We have a great deal of external web services which we call from SAP via HTTPS. As consumers of the service, each time their certificate expires we have to wait until the provider renews it and re-import it. If we do not do this and the certificate expires we get SSL errors.
But surely SAP supports the idea of a CA Root? In that case we would only need to manage the certificate of the CA Roots (e.g. Verisign, Thawte etc.) and all signed certificates would be trusted. Is there a guide on how to implement this?
The problem of expiring certificates exists regardless whether CA roots are stored in the SAP system or not. The reason being that the certificates of your providers also expire, regardless of the expiration of the CA roots. See the attached link for the only official document I'm aware of that talks about the issue, the topic being NWSSO however.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I don't see what you mean by "incorrect". I understand and agree with everything you just wrote: we manage our CA certificates and it's easier than managing individual domain certificates. Perhaps you could explain what you mean by "providers"?
Just to be clear: we are not concerned with issuing certificates but importing certificates of domains for which we consume web services.
There is no special guide as the procedure is the same you are currently following. (Import the CA Root into the TrustedCAs-view.)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.