on 11-20-2015 3:10 PM
Hi,
I am trying to use SAPSSOEXT to verify a logon ticket in a Microsoft .NET environment. I have downloaded and built the C# sample code and I am using it to examine a ticket which was generated by SAP Netweaver Portal.
The sample program requires a file containing the public key with which the ticket was encrypted. For example, this could be the verify.pse file from the issuing system. However, the issuing system in this case is Netweaver 7.5 which does not have a function for exporting verify.pse.
What can I use instead of verify.pse to provide the public key?
Thanks,
Richard
I actually resolved this issue myself, so for anyone who is interested, here is the answer.
The public key can be provided as an X.509 certificate (go to NWA -> Configuration -> Certificates and Keys; select TicketKeyStore; export SAPLogonTicketKeypair-cert).
This certificate can then be imported on the target machine using Certificate Manager (run certmgr from the command prompt). Then export it from Certificate Manager as a DER encoded binary X.509 file.
This file can then be passed to SAPSSOEXT with the -crt parameter.
Richard
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Richard,
this forum is about the SAP NW SSO product. I would suggest to move this thread to the security forum, as this is the place where questions on ABAP app servers security features are usually discussed.
With regards to your question, did you have a look at sapgenpse?
You can create a pse with this command and then import the key into that pse.
Kind regards,
Patrick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.