Creating and Assigning a Security Configuration That Uses X.509 Credentials

Create a new security configuration, assign the CertificateAuthenticationLoginModule authentication provider to it, and assign the security configuration to an Unwired Server domain.

Prerequisites
Install CertificateAuthenticationLoginModule dependencies. See Installing SAP Cryptographic Libraries on Unwired Server.
Task

The CertificateAuthenticationLoginModule authentication provider supports X.509 certificate logins to SAP systems through both JCo and DOE-C connections. You can assign security configurations to domains or packages.

  1. Log in to Sybase Control Center. Navigate to and select Security.
  2. Select the General tab, then New.
  3. Name the secrurity configuration, for example X509SECADMINCERT, and click OK.
  4. Select the X509SECADMINCERT security configuration.
  5. Select the Authentication tab.
  6. Click New and select com.sybase.security.core.CertificateAuthenticationLoginModule as the Authentication provider.
  7. Click OK to accept the default settings, or modify any additional settings as required.
  8. Select com.sybase.security.core.NoSecLoginModule and click Delete.
  9. Select the General tab, select Validate, then Apply.
  10. Navigate to the domain to which you are assigning the security configuration, and select the Security Configurations tab.
  11. Click Assign, and select X509SECADMINCERT to assign the security configuration to the domain.
  12. Select the Security tab, and remove any other security configurations for the domain, if configured.
Parent topic: Setting up SAP SSO Using X.509 Certificates
Previous topic: Implementing SSO in an Unwired Server Cluster