on 01-29-2015 3:30 PM
Hi All,
We are planning to deploy NW SSO to enable Single Sign-On for NWBC for HTML and AS ABAP with Kerberos and SPNEGO. According to my understanding, the Kerberos token do not need any CA to sign, however, for https connection between NWBC for HTML and AS ABAP, we need a certificate signed by one of the CA, is it true?
If it required a CA for SSL-related certificate, can the Secure Login Server component provide necessary capabilities to sign the certificate? If it's not possible, what is the alternative option to obtain the required certificate?
Regards,
Duy
Hello Duy,
right, Kerberos uses your Windows Domain Controller as trusted instance, and SSL/TLS requires a PKI to establish trust.
Secure Login Server can act as your SSO landscape PKI trust center. In SLS Admin Console, you can either issue PKCS#12 files or, and this is recommended, sign your ABAP server´s certification request which you got from STRUST.
-- Stephan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
9 | |
8 | |
6 | |
6 | |
6 | |
5 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.