Configuring Communication with SSL Authentication on Systems Running SAP Basis 7.00, 7.01, 7.10, 7.11, 7.30, or 7.31

IT Asset Management (Cloud)
The SAP system needs to be configured to accept SSL communication. For this, a cryptographic library has to be installed. For more information, see SAP Note 510007.

To use SSL authentication, you need to install a Root Certificate (steps 15 to 18). Contact the Certificate Authority (CA) for an SSL certificate that is used by the inventory beacon server. You can download the Root Certificate in binary format or base64 format.

To configure communication using SSL authentication on a system running SAP Basis 7.00, 7.01, 7.10, 7.11, 7.30, or 7.31:

  1. Start the SOA Manager on the SAP system on which you want to configure the web service using the transaction code SOAMANAGER.
  2. On the SOA Management page, do the following, depending on which version of SAP Basis your system is running:
    • SAP Basis 7.00 or 7.10: Select the Business Administration tab and click Web Service Administration.
    • SAP Basis 7.01 or 7.11: Select the Application and Scenario Communication tab and click Single Service Administration.
    • SAP Basis 7.30 or 7.31: Select the Service Administration tab and click Web Service Configuration.
  3. On the next page, on the Search tab, locate the Search by menu and select Consumer Proxy from the list. In the Search Pattern field, type *SAPSERVICE*, and click Go.
    The search returns the web service SAPServiceSoap.
  4. Select the web service SAPServiceSoap and click Apply Selection.
  5. In the Details of Proxy Definition section, select the Configurations tab. Click Create Logical Port.
    The SOA Management dialog opens.
  6. Provide the following information:
    • Logical Port Name: Enter a unique name for your logical port.
    • Logical Port is Default: Select this check box to ensure that the default logical port is called. If this check box is not selected, communication between the inventory beacon and FlexNet Manager for SAP Applications is not possible.
    • Description: Enter a description.
    • Configuration Type: Select Manual Configuration.
  7. Click Apply Settings.
  8. On the Configuration for Logical Port name page, on the Consumer Security tab, select the User ID / Password.
  9. Under User ID/Password, provide the case-sensitive login credentials of the service account that are used on the inventory beacon.
    The recommended format is domain\user name.
    Note: If the user name and password of the service account changes on the inventory beacon, you must make the same changes in the SOA Manager.
  10. On the Messaging tab, open the Message ID Protocol menu and select Suppress ID Transfer. Accept the default values for all other options on this tab.
  11. On the Transport settings tab, provide the following information:
    • URL Access Path: Enter the URL access path /SAPService/SAPService.asmx.
    • URL Protocol Information: Select HTTPS.
    • Computer Name of Access URL: Enter the IP address of the relevant inventory beacon server.
    • Port Number of Access URL: Enter 443 which is the port number for SSL authentication.
    • Accept the default values for all other options on this tab.
  12. On the Operation specific tab, you need to manually add the SOAP action for every web-service operation.
    1. Add the web-service operations in the grid on the left. For each operation, specify the appropriate SOAP action in the SOAP Action field. The table SOAP Actions for the Web-Service Operation lists the operations and corresponding SOAP action. If you copy the SOAP actions from the table to paste each action into the SOAP Action field, ensure that you copy the entire line.
    2. On some SAP Basis versions, the Operation specific tab contains a check box next to the SOAP Action field. The label of this check box varies depending on the SAP Basis version, and listing all variations would exceed the scope of this documentation. Review the label and select or clear the check box to ensure that the SOAP action that you entered is active for the configuration. It is strongly recommended that you refer to the SAP documentation for more information on this check box.
  13. Click Save.
  14. Connect to the SAP system and run transaction STRUST to start the Trust Manager.
  15. Click Import Certificate .
  16. On the Import Certificate dialog, select the appropriate Root Certificate.
  17. Under File format, select the file format of the Root Certificate and click OK.
  18. In the system tree on the left pane of the Trust Manager, select SSL client SSL Client (Anonymous) and click Add to Certificate List.
  19. Start the Internet Communication Manager (ICM) using the transaction SMICM. (The ICM sends and receives requests to and from the Internet.)
  20. In the ICM Monitor screen, open the Administration menu and select ICM > Exit Soft > Global.
    This step resets the ICM Monitor. The new certificate is activated only after the reset.
  21. On the toolbar of the ICM Monitor screen, click Services .
  22. On the ICM Monitor - Service Display screen, click Refresh.
If the Active Services grid does not show a line for HTTPS, you need to add it.
  1. Open the Service menu and click Create.
  2. In the Define New Service dialog, provide the following information:
    • New Service Port: Enter 443.
    • Log: Enter HTTPS.
    • Keep Alive (in Sec.): Keep the default value or change to a value of your choice.
    • Max. Processing Time: Keep the default value or change to a value of your choice.
  3. Click OK.

IT Asset Management (Cloud)

Current