The SAP Passport is a convenient way to handle client based certificate authentication to your SAP NetWeaver Portal. It means that if your users have loaded an SAP Passport into their browser and you have enabled client certificates that use this certificate, then the user can log on to the SAP NetWeaver Portal without needing to enter a username and password.
The mechanism assumes that your AS Java trusts SAP Passport certificates. You can see this be navigating through the Visual Administrator to the Key Storage service and selecting the TrustedCAs view:
You will notice that the validNotAfter date is 18 July 2010. This means that after that date the certificate will not be trusted. So, you need to navigate to the SAP Service Marketplace and download the latest Root Certificate and load it.
The CA download can be accessed using http://service.sap.com/tcs and then navigate to Download Area -> Root Certificates and then select the SAP Passport CA Certificate:
When you select the link for the certificate, you will be prompted to Open or Save it. Select “Save” and give the file a name such as c:\temp\SAPPassportCA.crt. Make sure you select the “Save as type” as “All files”, as you don’t want to end up with a .cer file.
Now back in the Visual Administrator, you can use the “Load” option to upload the saved file. This will then change the validNotAfter date to July 2015.
Finally, put a note in your calendar to repeat this activity again in early 2015.