Use
In this automatic activity, you configure Single Sign-On (SSO) between the ABAP and Java stacks of the SAP Solution Manager system.

Requirements
The following instance parameters are set:


login/create_sso2_ticket : 2
login/accept_sso2_ticket : 1

Activities
To perform this activity manually, you need to export the SSO certificate from ABAP in order to import in Java and vice versa.

Steps to export the ABAP SSO certificate:


Execute transaction STRUSTSSO2
Select the System PSE entry in the tree
Double click the Owner Certificate entry (e.g: CN=<SID>) in the "Own Certificate" section
Choose Export Certificate icon in the "Certificate" section to save the certificate with .crt extension (by default in Binary format) in a local folder

Steps to export the Java SSO certificate:


Open the Visual Administrator of the SAP Solution Manager Java Stack
Go to Server, Services, Key Storage
Select the TicketKeyStore entry in the "Views" section
Chose SAPLogonTicketKeypair-cert and press the Export button in the "Entry" button panel
Choose either X.509 (by default) to save the certificate with .crt extension

Steps to import the ABAP SSO certificate in the Java Stack:


Open the Visual Administrator of the SAP Solution Manager Java Stack
Go to Server, Services, Key Storage
Select the TicketKeyStore entry in the "Views" section
Chose SAPLogonTicketpair-cert and press the Load button in the "Entry" button panel
Select the ABAP SSO certificate that you have exported in previous steps and press "OK"

Steps to import the Java SSO certificate in the ABAP Stack:


Start transaction STRUSTSSO2 in client 000
Open the Certificate menu and chose Import
Select the path of the Java SSO certificate that you have exported in previous steps and validate
Once the Java SSO certificate details appear under the "Certificate" section, click on the Add to Certificate List button
Click now on the Add to ACL button
Provide the Java System ID and Client 000 (default Client for Java Application Server)
Validate and press the Save icon
Log in the production client and repeat the steps above to add the Certificate to ACL in the production client

 

 

+ Recent posts