Preparing Customer Networks for Certificate-Based Authentication
With SAP Focused Run 3.0 Feature Pack 02, it is possible to setup certificate-based communication for new customer networks. A migration of existing networks is possible with SAP Focused Run 3.0 Feature Pack 3, and for Feature Pack 2 through SAP Note 3138250.
In Global Settings & Network Configuration, there is now the option to select “HTTPS / Certificate-based Authentication”.
Preliminary Information
The prerequisite for this is a successful preparation of the infrastructure, to achieve secure communication. This is a customer responsibility. The product SAP Focused Run does not offer mechanisms to manage or distribute certificates.
Fundamentally, this setup requires a sound knowledge of certificate handling and SSL encryption at customer side.
This documentation introduces the topic based on SAP products e.g., SAP Web Dispatcher. It is possible to use other tools, the parameterization will be slightly different. The overall concept stays valid.
Fundamentals
To realize a certificate-based communication, the SAP NetWeaver ABAP functionality certrule is used. Links to the documentation can be found in the last section “Links and Help”.
There are three areas, that can be considered for certificate-based communication. It is possible to use certificate-based communication only partly.
- Simple Diagnostics Agent as central data provider for all SAP Focused Fun applications.
- Landscape discovery for modelling technical systems in LMDB of SAP Focused Run.
- EarlyWatchAlert data transfer from connected ABAP systems to SAP Focused Run.