Bye bye STRUSTSSO2: New Central Certificate Administration NW7.3
Bye bye STRUSTSSO2: New Central Certificate Administration NW7.3: It is time to enjoy for those who have NetWeaver 7.3 Java in their landscape or somewhere else provide from that Java system you can jump to any of your systems in landscape and firewall will not stop you from login.
If answer is yes then you can avoid use of STRUSTSSO2 and Java nwa license link to import-export certificates.
From just one NW7.3 Java system you can exchange certificate between between any two
Java <–> Java
ABAP <–> Java
ABAP <–> ABAP
without downloading and uploading of certificate files and with just few mouse clicks, what else you need in life? ????
SSO2 Wizard was introduced for AS Java 640: SP21 & for AS Java 700: SP14 that can be accessed through URL https://:5nn00/sso2
If you are having older SP levels than the mentioned above then you can deploy it from SAP Note 1083421 – SSO2 Wizard
After login, screen it will look like below
check the information marked in green
It will show the SID, client of Java, which is needed in order to work with SSO certificates.
You can notice that there are 3 certificates applied, you can see their SID and client as well, in the example the system with client number 007 is Java and rest two systems are ABAP.
If you want to add more systems you have two methods:
- By Querying Trusted System
- By Uploading Certificate Manually (old method needed file download and upload)
We will checkout easy method : By Querying Trusted System
It will prompt you for searching system from SLD, you can select it from SLD list else you can cancel it and come to below screen.
select the system type, for example I am selecting JAVA
Fill the hostname or IP, Port number like 5NN00 where NN is instance number. Click Next
Wizard will automatically pull the certificate along with the information like Client number when you will click on Finish, the certificate from this new system will be applied to SID shown on the top, like the arrow mark.
Lets see in case of ABAP
You can use any user ID with proper authorization.
The process is just the same in case of ABAP system.
Here we have seen that with help of Wizard, how life became easy, but wait this is not all……………..
We have seen that with help of this wizard we can apply certificate to java system easily, but when we want to apply certificates into some another Java system or ABAP system then?
Here our new friend NetWeaver 7.3 SSO2 Wizard will help, lets see whats extra in there.
Notice the new button “Connect to Remote System” this button was not there in older versions, you can checkout the screenshot given in starting of this blog.
When we click on the button, it will give two options from drop down.
Lets say I want to jump to any Java system in which I want to apply SSO certificates, no matter what version of Java that would be, fill in required values
Click OK and you will be able to jump to this new system, notice the changed SID in below screenshot (red arrow)
Now here you can follow the same method described above and import certificates from any ABAP or Java system as per your requirement.
Lets see, if we can jump to any ABAP system
Click OK
The green arrow shows in which system we are and with help of red eclipse we can import ABAP or Java system certificates as many we want.
In Nutshell, the new button “Connect to Remote System” giving you flexibility enough so that you can be Lazy ????
Though its not centralize administration but somehow you can work with all your systems in your landscape, so for generating sensation I am calling it centralized administration of SSO.
Hope this will be of help to some of us.
My other Blogs, if you have time…
How to Rename the Oracle Listener & Change Listener port for SAP
Multiple/Bulk transports with tp script for Unix (AIX, Solaris, HP-UX, Linux)
OSS1 & RFC connections SAPOSS, SAPNET_RFC, SDCC_OSS
Interrelation: SAP work process, OPS$ mechanism, oracle client & oracle shadow process
Install and configure NetWeaver PI 7.3 Decentralize Adapter part-1
Install and configure NetWeaver PI 7.3 Decentralize Adapter part-2
Bye bye STRUSTSSO2: New Central Certificate Administration NW7.3
New NetWeaver Information at SAP.com
Very Helpfull