
Client Certificate Authentication with Signature Algorithm SHA256

Former Member
0 Kudos

Hi Experts.

I am working with a client that only accesses AS2 services through X.509 Client Certificate Authentication.

Until now, all the Partners Certificates issued by Trusted Centers were configured and are running correctly.

This past week I've been trying to set up a new partner certificate authentication. This certificate is issued by "Symantec Class 3 Secure Server CA - G4", but even though I have validated and compared the configuration over and over again, the authentication still fails.

Validations of Configuration:

  1. Import Certificates on SSL_ICM_### and TrustedCAs keystores.  (export cert to PSE button also)
  2. I validated the certificate on the CRL test tool, and was OK.
  3. Create user for AS2 communication (on /useradmin) and import Certificates on Certificate Tab

Now I noticed that the certificates I have been configuring correctly until now use signature algorithm SHA1RSA, the one with problem uses SHA256RSA.

I went through notes and discussions; everywhere says it is necessary to have at least SAPCRYPTOLIB 5.5.5 PL34 installed to support SHA256. And as you can see I have that version.

Another difference I found on the certificates was:

The working Certificate has as Enhanced Key Usage:

      Server Authentication (1.3.6.1.5.5.7.3.1)

For the ones with error the Enhanced Key Usage was:

     Server Authentication (1.3.6.1.5.5.7.3.1)

     Client Authentication (1.3.6.1.5.5.7.3.2)

Any comment will be very much appreciated.

Regards

Henry
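The two fields compared in the question above (signature algorithm and Enhanced Key Usage) can be read straight from the certificate bytes. This is an added example, not part of the original post or of any SAP tooling; the function names are hypothetical and the sample is a constructed DER skeleton, not a real certificate.

```python
import ssl  # used only to convert a PEM certificate file to DER

SIG_ALGS = {"1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
            "1.2.840.113549.1.1.11": "sha256WithRSAEncryption"}
EKUS = {"1.3.6.1.5.5.7.3.1": "serverAuth", "1.3.6.1.5.5.7.3.2": "clientAuth"}

# Constructed sample: X.509 layout with empty names and no key material,
# signature algorithm sha256WithRSAEncryption, EKU = serverAuth + clientAuth.
SAMPLE_DER = bytes.fromhex(
    "3056" "3042" "a003020102" "020101" "300d06092a864886f70d01010b0500"
    "3000" "3000" "3000" "3000"
    "a321" "301f" "301d" "0603551d25" "0416" "3014"
    "06082b06010505070301" "06082b06010505070302"
    "300d06092a864886f70d01010b0500" "030100")

def items(buf):
    """Yield (tag, value) for each DER TLV found back to back in buf."""
    pos = 0
    while pos < len(buf):
        tag, n = buf[pos], buf[pos + 1]
        pos += 2
        if n & 0x80:  # long-form length: low 7 bits give the byte count
            k = n & 0x7F
            n = int.from_bytes(buf[pos:pos + k], "big")
            pos += k
        yield tag, buf[pos:pos + n]
        pos += n

def oid(value):
    """Decode the content bytes of an OBJECT IDENTIFIER to dotted form."""
    arcs, acc = [], 0
    for b in value:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def inspect_cert(der):
    """Return (signature algorithm, list of EKU purposes) for a DER certificate."""
    (_, cert), = items(der)
    (_, tbs), (_, alg), _signature = items(cert)
    sig_oid = oid(next(items(alg))[1])
    ekus = []
    for tag, val in items(tbs):
        if tag == 0xA3:  # [3] EXPLICIT extensions
            (_, exts), = items(val)
            for _, ext in items(exts):
                parts = list(items(ext))  # extnID, optional critical, extnValue
                if oid(parts[0][1]) == "2.5.29.37":  # extendedKeyUsage
                    (_, seq), = items(parts[-1][1])
                    ekus = [oid(v) for _, v in items(seq)]
    return SIG_ALGS.get(sig_oid, sig_oid), [EKUS.get(e, e) for e in ekus]
```

For an exported partner certificate in PEM form, pass `ssl.PEM_cert_to_DER_cert(open(path).read())` to `inspect_cert` and compare the output for the working and the failing certificate.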

Accepted Solutions (0)

Answers (1)


Former Member
0 Kudos

Any comments, please?

Regards

Henry