on 06-17-2016 10:16 AM
Hello,
I implemented NW SSO in our SAP landscape and implemented it on our CRM system.
I want to use SSO on Desktop Connection for SAP CRM, professional edition Release 2.0 SP04.
I am trying to implement it using admin the guide's X.509 Certificate-Based Authentication section
(https://websmp207.sap-ag.de/~sapdownload/012002523100012038332015E/DCN_Admin_Guide_11_8.pdf)
Unfortunately I could not succeed in getting the certificate on Desktop Connection for SAP CRM - Login screen although the certificate is imported to the store.
What I did is;
* Exported NW SSO Root Certificate in x.509 format.
* Imported the Root certificate to Trusted Root Certification Authorities store of Local Computer. (Explained in detail in )
Did anybody use NW SSO on Desktop Connection for SAP CRM?
Can you help about the issue, please?
Thanks and Regards,
Yuksel AKCINAR
Hello Yuksel,
You will be able to find here:
https://service.sap.com/~form/sapnet?_SHORTKEY=01100035870000764122&_SCENARIO=01100035870000000202&
This guide: "Administrator's Guide Deskt. Conn. prof. ed. 2.0 SP04 Patch2"
On page 32 of this guide there is a procedure how to configure X.509 Certificate-Based Authentication for Desktop Connection for SAP CRM.
If this will not be helpful, you have to create a CSS ticket.
Regards,
Donka DImitrova
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Donka,
Thank you for the reply.
I used the same guide.
Unfortunately Local computers store does not come under Trusted Root Certification Authorities when I want to install certificate as mentioned in step 7.
"7. Expand the Trusted Root Certification Authorities store and select the Local Computer store below it."
I used mmc and add snap-in Certificates and installed the certificate to Local Computer certificate store as seen below.
Stil certificate does not come on login screen.
Regards,
Yuksel AKCINAR
Hi Yuksel, I haven't played with this for a while. But from my memory I would say that you also need to import all relevant Intermediate CA certificates into the clients' trust store. In this case the "Secure Login User Su..." CA. It should be possible to put the whole chain into one .p7b file and import them client side as one package.
Regards,
Lutz
Hello Yuksel,
Plese, make sure that you start the Desktop Connection for SAP CRM only when the SLS certificate is already enrolled. I am not sure that the certificate will be displayed in the drop-down if you first start the solution, and then enroll the SLS X.509 certificate, and then look back at the solution.
If you are sure that the SLS X.509 certificate is enrolled first and is available in the certificate store, and then you start the Desktop Connection for SAP CRM and you don't see the certificate, Please, create a CSS message on the SAP CRM component, explaining that you are trying to configure SSO based on X.509 certificates. Explain that you are facing the following problem: The X.509 certificate of the user (available in the certificate store of the user) is not properly displayed in the drop-down for selection during the authentication process.
Regards,
Donka
User | Count |
---|---|
88 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.